By Tim Danna | Commercial Agent
We’re well into 2017 and are becoming comfortable with the consistent news of organizations being breached and information held hostage. We’ve also heard of organizations with lax security precautions taken. This leads to user data leaked as a consequence of poor efforts to secure client data and company networks.
One instance recently occurred, where approximately 200 of voter profiles were leaked due to poor security measures put in place. Names, addresses, birth dates, social media posts etc., were downloaded and leaked due to improper security procedures. Over 1 Terabyte (1,000 Gigabytes) of data to be more specific.
This has potentially crippling consequences to any company. Without the proper backing from a legal team, a full stand-alone cyber insurance policy, and an organized in-house Cyber Breach Response teams found breaches have soared into the millions. In some cases has permanently shut down businesses.
Now, supposing you have the appropriate set of layered securities in place. You have a trained Breach-Response Team and appropriate Cyber Policy and Legal Team backing you up. Now, what are the necessary steps to take when a breach occurs?
Step number one is to assemble your business’ Cyber Response Team. Making sure to bring everyone up to date and on the same information. Next, be sure to immediately reach out to your insurance carrier’s claims department. They will be your main point of contact and a guide in possibly dark and complex times.
In these incidences, time is of the essence. Knowing who your claims representative is ahead of time, and considering them members of your Cyber Response Team will aid in maximizing efficiency in an instance where every moment counts.
The initial conversation will mark the beginning of what is called the breach-response life-cycle. Your Claims Manager will inquire with you about the unauthorized disclosure, data theft, data ransom, or complete loss as a key activity in the forensic and legal analysis of your specific occurrence. This can include a third party approved by your carrier depending on the complexity and overall size of the loss in question.
Following this step, is the coverage letter. This letter will list the coverage you’ve purchased in great detail. The coverage letter typically provides additional information about this type of occurrence. This information is usually available to you from your broker, agent or carrier, and should be reviewed by your Response Team in preparation for a breach.
At this point, the monetary value of the breach will begin to show in the form of public relations costs, data recovery, victim/client notification, new systems and securities implemented, credit monitoring etc. These are all tasks and items that are coordinated, implemented and invoiced by your Claims Team. Be sure you keep close contact with both your in-house Response Team and carrier Claim Team. This will ensure open communication and efficacy.
Payday Lender Wonga was hit in April by a clever hacker. This individual had recently hacked their systems to steal over $3.1 million dollars from just over 9,000 of their users. The follow-up breach affected over a quarter of a million users making it one of the largest hacks this year.
A Cyber Breach is a burdensome undertaking, but with a fair amount of preparation and swift coordinated action, the pains can be made bearable and costs manageable. It’s no longer a matter of if it will happen. It’s now only a matter of time, and will you be ready when that time comes?