Computer expert Elizabeth Wu recently posted on LinkedIn four questions to ask about your cyber policy's coverage after a ransomware attack. To be sure the policy conditions have not been breached, ask these questions:
- What security controls have you put in place to reduce the risk of system compromise? (Some policies require maintenance of security as a condition of paying claims.)
- Do all portable media and computing devices need to be encrypted? (Policies may or may not cover these devices, or may exclude them if unencrypted. If your company allows employees to bring their own devices or connect them to the company's network, it is critical to check their security.)
- What about unencrypted media in the care, custody or control of third-party service providers? (Check your agreements: what protection do third parties provide, and who is liable in case of a breach?)
- Could you make a claim if you were unable to detect a breach until months or years had passed? (Breaches frequently go undetected for many months. Check how soon a breach should be reported, who must be aware of the breach, and what limits apply to reporting after a policy expires.)
These questions must be addressed by both system administrators (with outside help if needed) and insurance managers to minimize the effect of a breach and maximize insurance recovery.