Network Computing Dark Reading

Advertise

Edge Ask The Experts

9/23/2019
01:30 PM

Edge Editors
Ask the Experts

2 comments
Comment Now

50%

How Can I Ensure Cyber Insurers Will Pay My Claim?

To get the best out of your policy, do more than just sign on the dotted line.

Question: I bought cyber insurance, but I still worry. If I experience a breach or other security incident, how will the cyber insurance company be likely to weasel out of paying my claim?

Jeff Wichman, practice director, enterprise incident management at Optiv: In most cases, your cyber insurance company isn’t going to weasel out of paying a claim. My advice is to be prepared!

Your provider is going to have a specific process/requirement for engaging with them and outside resources for an incident. Follow that process, and take these steps to be better prepared:

Validate with your provider that your preferred partner is approved as either an on-panel or off-panel firm you can work with.
Update your incident response plan to include when and how to engage with your claim process. Now is the time to start building that into your documents.
Test, test, test your incident response processes using an applicable scenario-based exercise with your trusted third party. This can help you identify gaps in your efforts.

Do you have questions you'd like answered? Send them to [email protected].

Related Content:

The Edge is Dark Reading's home for features, threat data and in-depth perspectives on cybersecurity. View Full Bio

Comment |

Email This |

Print |

RSS

More Insights

Webcasts

5 Steps to Integrate SAST into the DevSecOps Pipeline

Cloud Security Threats Enterprises Need to Watch

More Webcasts

White Papers

Using AI to Power AppSec

[IT Trend Report] The Future of Cloud

More White Papers

Reports

Can You Spare 10-12 Mins to Help Us Out with a Survey on Tech Trends?

Got 7 Minutes? Dark Reading Needs Your Help With Our Survey on Incident Response

More Reports

Comments

Newest First | Oldest First | Threaded View

[close this box]

50%

mcavanaugh1,
User Rank: Strategist
10/15/2019 | 7:57:37 AM

Re: Cyber Insurance claim

To confirm, most of the claims declined and firms that are suing their insurer attempted to file a claim under a non-cyber policy. Mondelez is the case most reference however they tried to get coverage under their Property Insurance policy after refusing to purchase a Cyber policy for years. Also, the declination was under the War Exclusion.

There is a lot of misconception as to what is covered, is not coverage, how it is covered, and what needs to be done to obtain coverage. This is partly the fault of the insurance industry as each Cyber policy is different with varying coverage, underwriting, and requirements. Most long-standing insurance companies writing Cyber Insurance do not require constant updating or any sort of updating outside of what an insured puts on an application. The most important factor is to work with an agent/broker/carrier that is knowledgable in this space and up to date on the emerging risks to ensure that a policy is placed with the best carrier for the specific company. There is no "best policy" or "best carrier" in the marketplace only the best carrier for the specific insured.

Reply | Post Message | Messages List | Start a Board

50%

renglish98,
User Rank: Apprentice
9/26/2019 | 9:21:25 AM

Cyber Insurance claim

The answer is not as striaghtforward as one would think. After notPetya, several firms had to sue their insurers who refused to pay the cyber claim as they argued that it was a state-sponsored attack and exempted via a force majeur clause.

Similarly, customers need to be constantly patching and remediating vulnerabiliies to demonstrate they are performing 'due care' and not unreasonably exposing their firm to cyber risk, which could be a claim denial justification.

Reply | Post Message | Messages List | Start a Board

OVER THE EDGE

Car Hacking Hits the Streets

6 CISO New Year's Resolutions for 2020

'We Only Have Two of the Blinky Boxes Left to Go'

Source: Kyle Buchanan/ABC

What security-related videos have made you laugh? Let us know! Send them to [email protected].

The Edge Cartoon Caption Contest: Latest Winners, New Toon 'Like a Boss'

Latest Comment: Hi everyone, let me introduce our new board member John Doe, the only candidate that survived the CyberSecurity Crash Course.

Flash Poll

All Polls

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]