CARM SUMMIT
Step 2
Review and adapt protection and detection
systems. This includes implementing
security systems and protocols, maintenance
schedules, and intrusion, penetration
and detection software; keeping them
up to date; and ensuring backups are tested
regularly. Equally important is employee
training. No CEO wants their employees to
feel they are not trusted. However, most data
breaches, ransomware attacks or accidental
money transfers are aided by human error.
In any crisis, it is critical to know how to
react and who can help. This is also true of
a cyber event or data breach. An Incident
Response Plan developed ahead of time
would identify both internal and external
resources to contact should an event
occur. The Response Team should include
a breach coach, cyber forensic specialists
and communications team. These experts
can quickly intervene and help management
make the right decisions on how best
to react to the threat. An easy way to have
access to a crisis team is through a cyber
insurance policy which provides a cyber
event and data breach response team.
Cyber insurance:
How does it work?
The purpose of cyber insurance is to protect
a corporation from the financial impact of
a cyber incident. As indicated above, the
protection should also include immediate
access to a vetted team of crisis response
professionals who are specialized in identifying
the source of cyber threats, removing
them and mitigating their impact on systems
and operations, ensuring a well-coordinated
response that helps reduce the magnitude
of the loss and protects the reputation of a
company. The post-breach crisis management
services provided and paid for under
a cyber insurance policy include:
• Forensic investigation services
• Data restoration services
• Third party notification services and
call centre
• Credit monitoring services
• Public relations services
• Legal representation services
• 24/7 call centre
Various traditional insurance products
such as property, boiler and machinery
and commercial crime offer some level
of coverage for cyber events, but only a
comprehensive cyber insurance policy
will offer the full suite of coverage needed:
breach costs, cyber extortion costs, business
income loss, digital asset replacement
expense costs, reputational harm and, at
times, even theft of funds or social engineering.
In addition, an organization may also
have exposures to liability stemming not
only from a cyber event or data breach, but
from regulatory scrutiny and simple market
presence. The cyber insurance policy also
typically includes coverage for security and
privacy liability, media liability, regulatory
proceedings and payment card industry
demands.
To learn more about cyber insurance or
for help procuring cyber insurance, please
contact Dawn Colquhoun, CAIB at
dcoquhoun@bflcanada.ca.
What to do when a Company
is the Victim of a Cybercrime
• Set the Incident Response Plan
in action.
• Let the insurance broker know that a
cyber event has occurred. If the policy
includes cyber insurance, the crisis management
team will be in contact.
• If the company does not have cyber
insurance, call BFL Canada. They can
provide a list of specialists to support
the company.
• Most importantly, take action. A
cyberattack can be a devastating event
for a company. The level of readiness
will, without a doubt, have a significant
impact on the outcome.
IDENTIFY
— Asset management
— Business environment
— Governance
— Risk assessment
— Risk management strategy
PROTECT
— Awareness, control and training
— Data security and procedures
— Maintenance
DETECT
— Detection process
— Anomalies and events reporting
— Continuous monitoring
RESPOND
— Response planning
— Analysis
— Communications
— Mitigation
— Improvement
BUILDING RURAL MANITOBA | 43