NEW YORK — Timely action and notification are crucial to the response to any cyber incident, according to panelists speaking Thursday at the Business Insurance Risk Management Summit in New York.
“You'll want someone on-site within 12 hours investigating a breach or a malware situation,” said Richard DeNatale, a partner with Orrick, Herrington & Sutcliffe L.L.P. in San Francisco.
Contacting one's insurer is also vital, according to Ethan Harrington, director for insurance and risk management at H&R Block in Kansas City, Missouri.
“You want to make sure the insurer is notified very quickly,” said Mr. Harrington.
In addition to notifying insurers, the subject of any cyber incident should discover as quickly as possible what has been compromised.
“Investigate what systems have been affected and what data has been affected,” said Grace Crickette, Emeryville, California-based senior vice president and chief risk and compliance officer for the American Automobile Association of Northern California, Nevada, and Utah.
Another key step is to find out which policies will cover a situation.
“Identify potentially applicable coverages,” said Molly Stine, a partner with Locke Lord L.L.P. in Chicago.
In the initial stages of any incident, it may not be immediately clear which coverages may apply, said Ms Stine.
“Generally speaking, go ahead and notify (insurers) if you believe there is potentially applicable coverage,” Ms. Stine said.
Sunday, September 27