Edge Ask The Experts

Question: I bought cyber insurance, but I still worry. If I experience a breach or other security incident, how will the cyber insurance company be likely to weasel out of paying my claim? 

Jeff Wichman, practice director, enterprise incident management at Optiv: In most cases, your cyber insurance company isn’t going to weasel out of paying a claim. My advice is to be prepared! 

Your provider is going to have a specific process/requirement for engaging with them and outside resources for an incident. Follow that process, and take these steps to be better prepared: 

• Validate with your provider that your preferred partner is approved as either an on-panel or off-panel firm you can work with.
• Update your incident response plan to include when and how to engage with your claim process. Now is the time to start building that into your documents.
• Test, test, test your incident response processes using an applicable scenario-based exercise with your trusted third party. This can help you identify gaps in your efforts.

Do you have questions you'd like answered? Send them to [email protected].

Related Content:

• Any Advice for Assessing Third-Party Risk?
• What are the First Signs of a Cloud Data Leak?
• 5 Things to Know About Cyber Insurance
• Akamai 2019 State of the Internet Report / Security: Financial Services Attack Economy

Recommended Reading: