The rapid move to a remote workforce and online operations during the COVID-19 pandemic has made it difficult for companies to secure their new IT environments at a time when hackers are seeking to exploit the stresses and distractions brought by COVID-19. IT teams are also stretched thin, spending time troubleshooting connectivity challenges and other problems while bandwidth demands are challenging VPNs and other resources.
All of this puts companies at greater risk for cyber-attacks, technology failures, and business interruption, according to panelists during a recent Marsh webcast — now available for replay — part of its continuing series on the pandemic.
A cyber insurance policy may respond to many of these elevated threats and provide pre-breach loss prevention and mitigation services, explained Meredith Schnur, US cyber brokerage leader for Marsh. But coverage may not apply in some situations because of infrastructure exclusions, voluntary shutdown coverage limitations, and limitations in computer system, network, and system failure definitions.
Schnur recommended that policyholders catalog their data and assets prior to a cyber event and work with advisors to understand exactly what’s covered under cyber policies before an incident occurs, which is especially important at a time when companies are operating in crisis mode. Organizations with upcoming cyber insurance renewals should also be prepared to provide underwriters with more detail on their overall business resilience.
Aside from insurance, businesses should focus on three main areas to protect themselves against cyber risks, according to Tom Fuhrman, a managing director at Marsh Risk Consulting. These include bolstering IT infrastructure, identifying and addressing cyber operational challenges, and providing guidance to employees on how to stay as secure as possible.
The special webcast also took a close look at the pandemic’s effects on global supply chains, which have seen massive disruptions and reductions in output. Dr. Michael Lierow, global leader of Oliver Wyman’s supply chain practice, underlined the need for organizations to focus their immediate attention on creating transparency within supply chains, which can allow for agile responses while preserving liquidity.
Organizations should also look ahead, Dr. Lierow said, considering how various scenarios could affect their supply chains and identifying measures they will need to take in each instance. More broadly, businesses will need to find ways to improve their supply chain resilience.
A significant portion of the webcast was devoted to audience questions. Renata Elias, a senior consultant within Marsh Risk Consulting’s Strategic Risk Practice, stressed that now is the time for organizations to review and update their business continuity plans and formalize any procedures that have been put in place in recent weeks.
Christine Williams, managing director within Marsh’s Workers’ Compensation Center of Excellence, encouraged employers to take preventive measures that can reduce workers’ compensation claims costs, including cleaning and disinfecting workplaces regularly, communicating with employees, and promoting social distancing even after employees return to workplaces.
Daniel Kaniewski, a managing director within the public sector team at Marsh & McLennan Advantage and a former Bush and Trump administration official, said governments will remain actively engaged in protecting people even after stay-at-home orders are lifted. Businesses and people should expect governments to continue evaluating the situation and potentially reintroduce social distancing measures when outbreaks are identified.