We're sorry but your browser is not supported by Marsh.com

For the best experience, please upgrade to a supported browser:

X

Risk in Context

COVID-19: Next Steps For Your Cyber Insurance

Posted by Kelly Butler 14 April 2020

Organisations face increased cyber challenges as COVID-19 continues to spread, with core activities often disrupted or needing to be adapted.

As organisations respond to urgent and changing business needs, it is vital that they continue to make cybersecurity a priority. One aspect of this is understanding the pandemic’s implications for cyber insurance.

Risk professionals should work with their insurance advisors to review carefully cyber insurance policy language. They should also refresh their awareness of all incident-response services available under their policies and how to make best use of them should an incident occur.

Policy Response

With many organisations already operating in crisis mode, incident-response services are more vital than ever. You should work with your cyber insurance advisor to ensure you understand:

  • How to access your incident response coverage — do you need to call a hotline or report through your advisor?
  • Is a pre-approved panel of forensic experts available to help investigate an incident? Is your information security team aware of this benefit?
  • If you have a ransomware event, does your cyber policy include coverage for resolving it? Does your insurer provide access to a third party that can facilitate payment of a ransom quickly if required?
  • Are there policy conditions you need to comply with to ensure coverage will apply? For example, is pre-approval required before you incur forensic costs?

Renewal Preparation

Insurers across all lines of business are concerned about the pandemic’s impact on the risks they insure and the losses they may face.

From a cyber insurance perspective, organisations should expect underwriters to look at overall business resilience in more detail to gauge how organisations are grappling with the expanded attack surfaces created by remote workforces and other users.  Underwriters will also want to review how increased dependence on technology may affect organisations’ ability to respond to disruption in their own operations as well as their extended supply chains. 

Organisations should anticipate questions from insurers on some or all of the following issues:

  • Any expected financial impairment due to the pandemic that may affect investment in cybersecurity or technology.
  • Working from home policies — be prepared to explain any relaxation of usual cybersecurity and privacy policies during these unprecedented times.
  • Deployment and management of bring-your-own device versus company-owned devices, in particular mobile device management solutions.  
  • Activation and mandates for employees and other users to utilize multi-factor authentication to access the organization’s systems.
  • Methods of securing access via virtual private networks and other secure remote-access protocols, including:             
                 -   Employee/user training on the use of public and home WiFi for business communications.
                 -   Disabling of USB ports, thereby limiting the likelihood of data leakage in a home-working environment. 
                 -   Guidance provided to employees/users regarding securing connections, the sharing of confidential information to personal devices, and/or proper use, storage, and disposal of printed confidential information.
  • Any increased phishing training and/or similar cyber awareness activity.
  • Establishment of a legally reviewed policy/procedure for personal data regarding employees or customers with COVID-19.
  • Existence of a designated business continuity plan (BCP) for IT security. Is it being implemented now? And what is the effect on the organization of its critical suppliers’ and vendors’ BCPs?

The global Marsh Cyber practice is well-positioned to help you review your coverage in the context of your incident response plans, and to help you to prepare the right information in light of these changing or new requests from insurers.

For more information, email kelly.butler@marsh.com  

Kelly Butler

Kelly oversees client advisory and placement services for Cyber and Technology risk throughout the region. In addition, Kelly also serves as the senior cyber risk advisor for some of Marsh’s largest clients and sits on the Marsh global Cyber board. Kelly joined Marsh in 2016 to build Marsh’s Cyber practice and has over 21 years insurance experience gained in Australia, New Zealand and the UK, with the last 10 years spent designing Cyber and financial lines insurance programs for large corporate and publicly listed clients. Before joining broking, Kelly worked with leading global insurers in claims management handling complex Liability, Directors and Officers (D&O) and Professional Indemnity litigation. Kelly has extensive knowledge of Cyber, Technology, D&O Liability, Professional Indemnity and Crime insurances products. Kelly is an industry leader in cyber, educating insurers, clients and brokers on business risks and customising coverage to manage specific challenges across all industry verticals.