Austria
Belgium
Estonia
Finland
France
Germany
Greece
Iceland
Ireland
Italy
Netherland
Norway
Poland
Portugal
Spain
Sweden
Switzerland
Turkey
United Kingdom
Australia
Hong Kong
New Zealand
India
Indonesia
Japan
Malaysia
Philippines
Singapore
Thailand
Brazil
Chile
Colombia
Mexico
Peru
Bahrain
Israel
Morocco
UAE
Oman
Tanzania
Turkey
Cyber Insurance Vendor Panels: A Guide to Smart Decision Making
Published
Read time
Guest article written by Anthony Hess of Asceris
First published: 12th July 2023
Navigating the complex landscape of cyber incident management can be challenging for organisations. One approach to consider is partnering with a cyber insurance response panel, which can offer numerous advantages. This article delves into the key reasons for working with an insurer's cyber response panel and potential drawbacks to be aware of, helping organisations make an informed decision about their cyber response management strategy.
Benefits of working with an Insurer's panel include:
Holistic Response Process: Insurers provide a multifaceted approach to managing cyber incidents, incorporating legal, technical, and other aspects. This strategy is especially crucial in situations involving personal or other sensitive data, where proper notification is essential to avoid fines and maintain customer trust.
Coverage Compatibility: Partnering with an insurer's response team reduces the likelihood of incurring uncovered costs, such as betterment expenses due to providers pushing to sell uncovered system upgrades, as the responders are well-versed in the insurance scope of coverage.
Pre-agreed Rates and SLAs: Insurers have pre-negotiated rates with panel vendors, offering significant cost savings compared to typical market prices for high-quality response services. In addition, with service level agreements in place a fast response is possible without a separate retainer agreement.
Active Panel Management: Insurers typically actively manage their cyber panel with a focus on continuous improvement and customer satisfaction. Subpar vendors are either corrected or replaced and insurers maintain strong relationships with cyber response and legal firms to achieve favourable outcomes for clients. This contrasts with organisations with limited incident experience who may struggle to evaluate the effectiveness of a response team.
Aligned Incentives: Insurers are highly motivated to deliver a top-quality response as effective incident management can significantly reduce the financial impact of a cyber event for both the insurer and the insured.
Support during wide scale incidents: Insurance companies often have prearranged contracts to ensure adequate support during large-scale incidents. The availability of resources to support incident containment can vary across insurers and clients which should be considered by insureds.
Pre-Breach Services: Insurers often offer low or no cost, but still very useful, pre-breach services to their insureds. This can include services such as tabletop exercises or at a minimum basic planning support. Organisations that utilise these services are undeniably in a better position to respond to an incident and should work to incorporate input from their insurer and panel providers. This can help to ensure clear communication and coordination between the organization, the insurer, and the panel vendors during an incident
Drawbacks of working with an insurer’s panel:
Onboarding: Although working with an insurer’s panel providers comes with many benefits it is important to consider that organisations with a highly qualified in-house incident response team or existing vendor relationships may experience delays when transitioning to a panel vendor. To mitigate this risk, consider choosing an insurance policy that allows the selection of preferred vendors, or use panel participation as a criterion for selecting a digital forensics and incident response (DFIR) vendor.
Working with a cyber insurance response panel offers a range of advantages, such as a holistic approach to incident management, aligned incentives, and cost-effective services. However, you must carefully consider potential drawbacks and work proactively to engage with your insurer and panel vendors during the incident response planning process
About Howden
Howden is the world’s largest independent insurance broker with specialism at our core. We are the fastest growing established broker in the London market with over 11,000 employees, of which over 400 are dedicated to financial lines in London. We deliver £21bn of premium into the insurance market and are one of largest producers of direct premium into Lloyd’s of London. Our Cyber & Technology Solutions team has over 30 specialists with a combined experience of 200+ years, acting for over 1,300 clients across a multitude of industries.
Written by
Anthony Hess
Asceris
[email protected]
+44 7909 001 455
Anthony Hess is a cyber security leader with over 25 years of experience in cyber security, cyber insurance and information technology. Before co-founding Asceris, Anthony built and led Kivu Consulting’s international presence and Post Breach Remediation service. Prior to Kivu, Anthony served for three years as the Head of Incident Response at CFC Underwriting where he created CFC’s first customer facing in-house incident response and cyber claims team. Anthony also led cyber insurance services at KPMG UK, running high performing incident response services for leading cyber insurers in the European market. Prior to KPMG, he held highly technical roles in the defence and higher education sectors.
This article has been written by Asceris and the opinions and views stated in this article are those of Asceris and not Howden Insurance Brokers Limited (“Howden”). Howden shall not (i) owe or accept any duty, responsibility or liability to you or any other person; and (ii) be liable in respect of any loss, damage or expense caused by your or any other party’s reliance on this article.