In the face of rampant ransomware attacks, risk professionals are under increased scrutiny from all sides. In an interview with Risk Management Magazine, Partner Peter Halprin offered a critical demonstration of risk management’s value in the face of today’s top business threat. Halprin explained that it is time for board-level executives to invest in cyber-risk education and mitigation since the increasing regulatory enforcement and shareholder derivatives are serving as wake-up calls.
Halprin shared three things to focus on when communicating upward about the value of cyber insurance program. “One is that there are breach response tools that are available, and that should be integrated into our incident response plan,” he said. “There are vendors, for example, that are on panels that are pre-approved by the insurers who we can bring in and know that those costs will be covered in the immediate aftermath.”
Second, risk managers must understand the nuances of their cyber insurance policies and integrate considerations like notification timeframes and selected vendors directly into the incident response plan. Third, your board and C-suite can take some comfort in the expertise the organization can call on by virtue of having cyber insurance. “These cyber insurers are seeing thousands of claims—maybe hundreds of thousands—so they have professionals who have also seen that many claims,” he said. “Tell your board, ‘They know the players, they know what to do, we can rest assured knowing that there’s a team of experienced people that we can bring to bear and that we’re not scrambling to find resources in a very difficult time.’”
Read the full article here.