Reliable access to the fourth emergency service
By Martin Bartholomew Cyber Claims Specialist
We all rely on three highly skilled response teams that we hope we’ll never use: the police, the ambulance service, and the fire department. Each will rush to our aid if we dial 911. Now, in the digital age, there’s a fourth essential emergency service.
Cyber risk insurers provide businesses with reliable, instant access to IT breach response specialists.
Every business should have a comprehensive cyber insurance policy that covers doomsday cyber scenarios. Policies from Miller provide lightning-fast response to get businesses back up and running the fastest way possible. Experienced breach engineers are on call 24/7 to start working as soon as a hack is discovered or a ransom demand made. Without cyber cover, these services are much more difficult and costly to obtain.
As a cyber claims manager, I’ve seen just how valuable those services can be, even when businesses have taken the essential precautions.
In one case, a component manufacturer was locked out of its systems due to a ransomware attack. They had two backup systems – both, they thought, safely offline – but the hackers managed to delete them. Worse, the criminal extortionists had exfiltrated sensitive intellectual property, and threatened to auction it to the insured’s competitors.
The attack occurred on the Friday afternoon of a long weekend. The insured informed us immediately, and we contacted the insurer and the breach response specialists. They assessed the situation and instructed various retained experts from the highest-ranked specialists in their field who (unlike the client’s in-house IT team) have handled hundreds of similar crises.
With everyone on board, it was quickly obvious that the client’s USD10m coverage limit would be insufficient to cover a sustained shut-down, since every day without trading cost more than USD2m. Business interruption losses alone would have exhausted the policy in a week. With the back-ups disabled, the ransom payment was agreed. The decryption key provided by the hackers worked, and by Tuesday the business was back up and running. Sustained failure to recover data can be disastrous for any company. Imagine a law office which loses all its current documents, calendar entries, contacts, and billing ledgers. That means, in the digital age, that as well as being temporarily unable to operate, the absence of critical business information could lead to many more, additional claims arising from the firm’s inability to act on behalf of its clients in a timely way.
In one case, a component manufacturer was locked out of its systems due to a ransomware attack. They had two backup systems – both, they thought, safely offline – but the hackers managed to delete them. Worse, the criminal extortionists had exfiltrated sensitive intellectual property, and threatened to auction it to the insured’s competitors.
The attack occurred on the Friday afternoon of a long weekend. The insured informed us immediately, and we contacted the insurer and the breach response specialists. They assessed the situation and instructed various retained experts from the highest-ranked specialists in their field who (unlike the client’s in-house IT team) have handled hundreds of similar crises.
With everyone on board, it was quickly obvious that the client’s $10 million coverage limit would be insufficient to cover a sustained shut-down, since every day without trading cost more than $2 million. Business interruption losses alone would have exhausted the policy in a week. With the back-ups disabled, the ransom payment was agreed. The decryption key provided by the hackers worked, and by Tuesday the business was back up and running.
Sustained failure to recover data can be disastrous for any company. Imagine a law office which loses all its current documents, calendar entries, contacts, and billing ledgers. That means, in the digital age, that as well as being temporarily unable to operate, the absence of critical business information could lead to many more, additional claims arising from the firm’s inability to act on behalf of its clients in a timely way.
The safest and most economic outcomes are much more likely to be achieved when emergency breach response experts are involved.
These include expert negotiators. In one recent case such specialists talked a USD10m demand down to USD6m, leaving the client with more insurance limit intact to cover business interruption and other breach-related expenses.
Even with good backups, restoration-time may be far longer and costlier than decryption. Plus, hackers increasingly threaten to release sensitive stolen data if the ransom is not met, making payment preferable. However, that’s not always the case. Breach response specialists will sometimes look at all the variables and recommend a refusal. Whatever the decision, the services of cyber emergency first responders are clearly invaluable.
In a world where every business is vulnerable to cyber extortion, every business must have unfettered access to them. The only reliable way to ensure they’re standing by to help you when you need them most is to have a stand-alone cyber insurance policy.
The experts at Miller would be delighted to arrange cover for you.
Miller Insurance Services LLP
70 Mark Lane
London
EC3R 7NQ
T +44 20 7488 2345
Miller Europe SRL
7IT Tower, 480
Avenue Louise
1050 Brussels
Belgium
T +32 2 774 4220
Miller Europe SRL
17 rue du Midi
92200 Neuilly-sur
Siene
Paris, France
T +33 1 7132 1010
Miller Europe SRL
Place du Bourg-de-
Four 4
1204 Genève
Switzerland
T +41 0 76497 2232
Miller Europe SRL
70 Mark Lane
London
EC3R 7NQ
United Kingdom
T +44 20 7488 2345
Miller Insurance Services (Singapore) Pte Ltd
10 Collyer Quay, #07-04/05
Ocean Financial Centre,
Singapore 049315,
Singapore
T +65 6349 5720
Miller Insurance Services LLP
Park Place, 1st Floor, Suite 1
55 Par-La-Ville Road
Hamilton
HM11
Bermuda