This article was produced in partnership with NetDiligence
Desmond Devoy, of Insurance Business America, sat down with Mark Greisiger, president and CEO of NetDiligence, and director of product evolution Sharon Lyon, to discuss why insured companies should have a cyber breach response plan in place before an incident occurs and the part insurance companies can play in the process.
It is not a question of if a client’s business will face a cyberattack, but when.
At a time when the frequency and severity of cybercrime is on the rise, why would any organization leave its future to chance?
When plotting an office fire drill, an organization identifies fire captains, designated exits, and where everyone gathers outside for the headcount.
But who calls who when there is a ransomware attack?
“The threats are imminent. The time to prepare is now,” said Mark Greisiger, president of NetDiligence. “Organizations of all shapes and sizes need a comprehensive incident response plan (IRP) and we’re seeing many cyber insurance carriers increasingly requiring them. Organizations need to be proactive and get a plan in place to help avoid legal and regulatory liability and prevent organizational chaos when an incident occurs.”
That is why his company has developed Breach Plan Connect®, a pre-written plan that stores crucial details and instructions for their internal breach response team or risk management team to use if and when a cyber incident occurs.
“We’re on the preventative side of cybersecurity incidents. We do have a sequential step (process) for building out your response plan,” explained Greisiger. “It’s cloud-hosted and includes a mobile app, which users love. If I were to get locked out of my company network due to a ransomware attack, I can simply go into the Breach Plan Connect app and access my entire plan, including best practices to triage the incident and emergency contact info for all stakeholders involved. “
“If you write your own plan, it can be a very expensive process. You would be advised to engage with cybersecurity experts, as well as legal counsel,” said Lyon. “While Breach Plan Connect is easily customizable, it comes with best practices that are pre-vetted by legal counsel, so it saves a ton of upfront work and associated costs.”
There is also no need to set time aside for a series of meetings to hammer this plan out.
“Depending on the related information the company has on hand, the plan could theoretically be put together in an afternoon and can immediately function as a response roadmap for companies that experience an incident,” said Lyon.
The plan costs $1,800 annually and is worth the outlay when considering that ransomware and cybersecurity attacks can quite literally ruin an organization financially.
“Organizations are often reluctant to invest in cyber preparedness,” said Greisiger. “They believe it won’t happen to them or that the incident severity isn’t likely to be catastrophic. Perhaps they have an informal “plan” in place, but is it actionable or even accessible when they need it most? Does it meet certain requirements if and when regulators come knocking?”
NetDiligence has been making inroads in the insurance world for its proactive cyber incident response plan.
“We’ve partnered with many of the largest, most trusted cyber insurers in the market. Some offer a discount on Breach Plan Connect or even cover the costs for certain clients,” he said. “We’ve made it easy for those insurers to offer it as a value-add to differentiate their cyber insurance products.”
NetDiligence’s plan is also proving to be popular with insurance brokers.
“Brokers like it because it helps them qualify their clients for cyber coverage and also because they are included in the plan, so they can be involved if/when their clients suffer an incident,” director of product evolution Sharon Lyon explained.
There are misconceptions out there that relate to cyber crime and even how such crimes are covered by insurance.
“The biggest one is the belief that a data breach or cybersecurity incident will never happen. I don’t like to ‘doomsday’, but it’s hard not to think that cyber incidents aren’t practically inevitable for most organizations,” Greisiger said. “Cyber criminals may not have targeted you yet and we hope they never do, but there’s no doubt that they are, at a minimum, knocking on your neighbors’ doors.”
Another common misconception is that cyber incidents won’t result in catastrophic financial, reputational, and technological damage. “Unfortunately, they potentially can,” said Greisiger. “Some organizational leaders may also lack the proper awareness and understanding of their existing cyber coverage and how these types of incidents play out from a claims perspective.”
When speaking to cyber-insured organizations, Greisiger stresses the importance of involving their insurance company in their response to any cyberattack.
“Your incident response plan should include the necessary details to report the incident to your cyber insurer,” he said. “Responding to an incident requires certain sequential steps that need to be taken and any mistakes or oversights in the process can be costly.”
He encourages organizations to clarify exactly what their cyber policy does and does not cover as they are putting their plan together.
Lyon recalls a story from one customer about how much Breach Plan Connect helped guide their internal response team when they needed it most. “A small public entity in Colorado reported to us that they used the plan to respond to a breach event and that it helped them manage the crisis quickly and effectively,” Lyon wrote.
In recalling another customer’s feedback, Lyon writes, “The CISO (chief information security officer) of a large retailer told us that the plan has been very useful in helping educate and engage non-IT people within the organization who have a role to play in incident response. That customer hasn’t needed to activate their plan yet, but they’ll be prepared if and when they do.”
NetDiligence is now offering a 30-day free trial for Breach Plan Connect. Visit https://breachplanconnect.com/free-trial to learn more.