How to Stress Test your Cyber Risk Management
Public sector organisations hold and process a vast amount of information, including personal data about individuals. Most commit significant resource to ensuring their IT network and working practices have been updated to reflect a modern business landscape. However, there remains little real understanding of the limitations their insurance programmes may have if it all goes wrong:
- General liability policies traditionally require there to be bodily injury or physical damage to property. Will there be any cover if you have lost data or transferred a virus?
- Business interruption policies do not typically trigger unless there has been a physical damage event. Increased costs you incur to manage a data breach are unlikely to be covered. Who pays to contact every person who has been affected and who pays for supporting those people once their data is being used illegally?
The unbudgeted costs emanating from a breach will inevitably impact on front line services and a public sector organisation will need to work hard to repair reputation with its customer base.
Marsh's Cyber Risk Self-Assessment Tool will help you understand:
- How relevant the consequences of a cyber-event would be to your organisation.
- Which financial losses can be covered within new cyber insurance policies.
- To what degree of complexity are cyber risk scenarios fully recognised and measured by your organisation.