GDPR
GDPR is concerned with the control, regulation and protection of private, personal data. The good practices which businesses introduce as a consequence of GDPR will serve well in managing the similar risks faced in respect of sensitive corporate and commercial data.
However, no matter the good data management practices and procedures being introduced, both personal and corporate, a business will fall victim to a hack or simple human error at some time. It is at this point that you will appreciate the value of an insurer partnership which helps capture and manage the situation on your behalf. Quite simply, in most cases, a company will not know what to do when faced with system degradation or extortion.
Reputation
Capturing and effectively managing the initial incident will be key to how a business emerges from a data breach. Reputation is key to a company’s success and survival, namely:
how it manages such a crisis
how it is perceived post-loss
how successful it is in retaining clients
The insurance cover provided by a cyber policy is important, of course, but of equal importance is how an insurance company deals with the problem from the moment it first presents itself. Consequently, the choice of insurer and the effectiveness of their ‘First Response’ services is a vital consideration.
Not all insurance companies are the same!
First Response
The right ‘First Response’ team will:
supply appropriate IT, Legal and Forensic support
manage notification to the ICO
provide necessary credit/identity monitoring
provide call centre support
provide Public Relations management and support
manage communications with data subjects
manage extortion/ransom demands
Very often, this initial action will protect the business from income loss or third party data loss claims and hence, why insurers place great value on the early intervention of their ‘First Response’ services and cover these costs in full. But, as part of the much wider cyber debate, one should also give consideration to:
regulatory requirements to protect personal data
the business need to protect corporate data
the effectiveness of an insurers ‘First Response’
loss-mitigation and training services
the right level of insurance protection when security is breached and encryption occurs
Delivery of effective reputational management
The right insurance policy will cover:
First Response costs
Own repair costs
Your loss of income
Claims from affected parties for damages and costs (individuals, including employees, and corporates)
Regulatory costs and fines
Choosing the right insurer, however, is not easy. There are significant differences between them in respect of both cover and restrictions and, hence, the need to talk to the right insurance advisor who can walk you through the myriad of options. The right insurance advisor is Alan Boswell Group. For more information please contact us.
