The ‘Golden Hour’ is a phrase most commonly used in the medical profession to describe the vital period of time following a traumatic or critical injury, where providing prompt medical or surgical intervention offers the highest chance of survival.
The cyber security industry has adopted this concept to describe the immediate aftermath of an impactful cyber event and the importance of prompt incident response. The ‘Golden Hour’ here refers to the short period of time (not strictly 60 minutes, but the critical hours immediately following a cyber event) where vital support and actions can limit the damage and the severity of the event. It is also where a Cyber Insurance policy can show true value.
Whilst products may appear similar on paper (with comparable phrases on terms, limits, premiums and heads of cover), the devil really is in the detail and not all options are the same. It is critically important to examine what happens when a cyber event occurs, how that cyber insurance policy will respond and, crucially, to understand what support and expertise will be provided.
A high quality product will offer an incident response provider with a 24/7/365 service and an ability to swiftly engage a collaborative crisis management team. That Golden Hour period, whilst tailored to the specific event, should focus on the following key themes:
- rapid assessment of the situation;
- agreeing incident response strategy;
- effective communication;
- mitigation of immediate threats;
- deployment of resources; and
- documentation and record keeping.
Moreover, a good cyber insurer will view high quality incident response services as mutually beneficial. Speed and quality of response can minimise the impact of the event and potentially reduce the severity of claim. Experienced insurers and incident response providers also recognise that it is much easier to stand down a comprehensive response than it is to raise an inadequate one.
The diagram below shows how a typical cyber event is managed by the MPR policy, including the all-important Golden Hour.
Download Managing a Typical Cyber Event with MPR Cyber Incident Response and Insurance
