MPR Underwriting
MPR Underwriting
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • About
  • Team
  • Products
  • Insights
  • Resources
  • Contact
  • Linked in
  • Twitter
  • Data protection and privacy notice
  • Cookie Policy

Five reasons to act quickly
during a cyber event

  • Home
  • Insights
  • Five reasons to act quickly during a cyber event

Factsheet

Cyber

    Incident response providers have observed that a strong theme emerging, even where a cyber insurance policy in force, is poor escalation from the discovery of the cyber event to the point at which the appropriate experts are engaged. This almost always leads to the situation taking longer to resolve, introducing potential additional disruption and more costs. Hesitating with a cyber event is ill advised, and here are just five reasons why:

    1. The first few hours are vital.

    Early escalation allows the correct experts to engage quickly, triage the incident and organise a tailored action plan for the organisation. It is widely accepted that the first 48 hours following discovery is the period which ultimately dictates the eventual outcomes. So, make sure that the cyber policy not only has access to these crucial vendors, but also helps to coordinate the organisation through the process.

    2. The ICO. To notify or not to notify?

    The ICO has been (and will continue to be) very busy post GDPR implementation, yet their notification advice might not be what one might expect:

    “You need to consider the likelihood and severity of any risk to people’s rights and freedoms… if it’s unlikely then you don’t have to report it.”

    Having a cyber policy, with access to experts, will place the buyer in a much stronger position to make that initial assessment and establish any notification requirements.

    3. If the breach event does qualify for notification, then speed is of the essence.

    The organisation must

    ”notify ICO without undue delay (within 72 hours); give a description of nature of breach & number affected; provide specific categories of data subjects (gender, age etc..); and detail the likely implications of the breach and what measures have been taken to mitigate.”

    So, it becomes clear that engaging experts immediately (such as forensics, crisis response and legal services) could prove vital, particularly in relation to the mitigation of any potential fine that may be levied by the ICO.

    4. A black mark on the claims record?

    Some policyholders may hesitate because they fear it will form part of their claims experience (i.e. a call to a helpline may be taken as a circumstance or notification to the insurer). Look for a cyber policy that allows an immediate incident response scenario without incurring a claims notification.

    5. Worried about the retention/excess?

    Another potential reason for delay might be that a policyholder would opt to handle the event in house rather than incurring lawyer or vendor costs (as part of their excess/deductible), believing the matter is under control. Look for a cyber policy that has a zero deductible for the immediate incident response service, taking away that potential obstacle to the expedient handling of a cyber event.

    Download PDF

    MPR’s CIRI policy specifically has an ‘Immediate Incident Response Expenses’ definition, because we want the policyholder to act without hesitation, even if they feel they may be able to handle it themselves. To facilitate this, we deliberately apply a £0 deductible applicable to this service, and it won’t cons tit ute a notification to MPR unless the severity means that it progresses to the crisis management stage.

    Tim Jones

    Written by

    Tim Jones

    Insight

    ‘Verbal’ – one word,
    all the difference

    The same pattern sometimes appears in business. When things go wrong, frustrated parties can act irrationally and may say things that won’t necessarily be followed up on.

    Insight

    Insured Capacity –
    does it come with guarantees?

    ‘Insured capacity’ is a frequently visited subject and continues to be a central aspect in many discussions around the scope of D&O policies.

    Language Matters

    Corporate Manslaughter
    and Management Liability

    It is more than 15 years since The Corporate Manslaughter and Corporate Homicide Act 2007 (the “Act”) was introduced on 6 April 2008. The Act was an attempt to make it easier for the authorities to prosecute organisations where a corporate management failing caused a fatality.

    10th Floor
    Chancery Place
    50 Brown Street
    Manchester
    M2 2JG

    0161 241 3550
    enquiries@mprunderwriting.com

    • About
    • Team
    • Our Products
    • Insights
    • Resources
    • Contact
    • Data protection and privacy notice
    • Cookie Policy
    • Linked in
    • Twitter
    MPR are Chartered Insurance Underwriting Agents

    MPR Underwriting Limited is a company incorporated in England and Wales. Registered Address: 10th Floor, Chancery Place, 50 Brown Street, Manchester, M2 2JG. Company Number: 10529758. Authorised and regulated by the Financial Conduct Authority.

    Privacy Policy and Cookie Information

    We use a small number of cookies on this website to make the website as useful as possible. None of these cookies collect any personal information. To find out more about these cookies and how to control their use, see our Read More.

    Close