Companies not only need to get the right cyber insurance, but they must also know how to properly use it once they have it. One of the things that few truly understand is the impact that cyber insurance has on incident response planning and the incident response process.
Can you imagine how disruptive this scenario would be?
• You go through the effort of creating an incident response plan, train the incident response team on their roles and responsibilities, and practice tabletop exercises. You are ready to respond.
• You experience an incident and are ready to execute your plan.
• Only then do you discover that not only does your company have cyber insurance, but that insurance policy specifically dictates what cyber forensic firms you can use, what public relations firms you can use, what notification vendor you can use, and what breach counsel (aka privacy counsel or breach quarterback) you can use—and none of those "approved vendors" are the ones that you included on your external incident response team!
Unfortunately, this is a situation that we see far too often.
Fortunately, however, there are many ways to address these issues before an incident happens, as well as other issues that are just as important and impactful. The key to doing so is knowing what issues to look for, what questions to ask, and how to find the right professionals to help you get solutions that fit your company's needs.
Cyber insurance is critical to that effort because it provides your company with the resources it needs to properly respond to and recover from an attack.