The second in a series of case studies taking a look at the complex world of cyber claims with CFC Underwriting’s James Burns
One of the big areas where brokers are lacking knowledge of cyber is around claims, and what happens once a data breach or other cyber event has taken place.
To help address this knowledge imbalance, Insurance Times spoke to specialist cyber cover provider CFC Underwriting’s James Burns to talk through some real life examples of cyber attacks and what the proper process is for handling a claim when the worst happens.
Case Study Two: Don’t upset the hackers
Being locked out of your IT systems by a malware attack can severely damage a business, but when not handled correctly it can be truly devastating just as one MD found out.
This particular MD was the boss of a food trucking company with turnover of around £20m, and when his company was hit with a £10,000 Bitcoin ransomware attack he immediately told them he wasn’t going to pay, setting off a devastating chain of events.
The cyber criminals hit the company with a series of malware attacks, taking out payment capabilities and encrypting all of the business’ data. The hackers even managed to find the password to the company’s cloud storage and destroyed all of the backup data.
All of the company’s vital information, including delivery routes, stock order needs and customer data, was stored electronically and the business’ first response was to spend 10-11 days trying to recreate the data from memory.
Of course, this was not the best approach to responding to a cyber attack, and by the time they notified the CFC and the incident response team jumped into action most of the damage had already been done, with damage covered under the policy totalling £850,000.
Following this claim, we decided we needed to do more to encourage our policyholders to contact us first and at the earliest opportunity, so we introduced a zero excess for using our incident response team.
Ultimately, getting the incident response team into operation quicker will help drive down claims costs and provide a better service for our insureds by minimising disruption and getting the business back up and running sooner.
CFC Underwriting’s James Burns on managing a cyber claim…
A lot of businesses don’t realise how reliant on technology they are until it is too late and the effects can be devastating, especially if the response to a cyber incident is not managed effectively.
Brokers need to engage with the insurer as soon as they are notified of a claim and urge their customers to make them their first point of call.
All too often, we see businesses trying to react to a cyber breach by themselves straight away, either by trying to access backups or get their servers backup and running. If backups have failed or become infected by any malware that has attacked the rest of the system this can create further problems, and ultimately make the data unrecoverable.
By notifying the insurer as early as possible, cyber incident response teams can be activated and investigations undertaken to determine the nature of the cyber incident and identify the best plan of action to get the business back up and running as quickly and efficiently as possible.
No comments yet