In several of my most recent “Cyber Tuesday” posts, I’ve discussed the importance of developing a comprehensive cyber risk mitigation strategy which includes IT security measures, well thought out incident response, business continuity documentation and cyber insurance. A recent ransomware event at the University of Calgary shifted the focus to the cyber insurance.
The ransomware caused the university to lose access to several important services such as email, Skype, and internal servers. They wound up paying $20k CDN in Bitcoin in order to get back on their feet. Other undisclosed costs likely followed, but the university’s vice president discovered two key points. 1) The ransom was not covered by the insurance and 2) their cyber insurance policy was critical in helping the university recover.
Let’s examine point 1. When purchasing any insurance having an independent risk management and insurance consultant with a working knowledge of the coverage review the form and any endorsements before the coverage is bound (purchased) can make a big difference in knowing whether the organization is covered and whether there are any gaps in existing coverage. While the coverage may seem adequate on the surface, exclusions and endorsements may alter or remove key coverage points that you would think were included. In addition, the coverage should be tailored to protect your organization’s specific exposures. Often, a generic “out of the box” form will not be sufficient when an event occurs.
On to point 2. The carriers who underwrite the cyber liability policies often offer “hotline” services to their customers during a cyber related event. They may include law and IT firms who specialize in cyber or public relations who will assist in maintaining or recovering the organization’s otherwise good reputation. The costs of engaging these firms are usually covered under the policies aggregate. Again, determining what costs and extra expenses are covered by the policy should be done before coverage is bound… not when you’re scrambling after the company’s system has been hacked.
Please contact us If you need assistance with the insurance tender, proposal review and coverage placement process to ensure that the coverage you’re purchasing is sufficient.