WannaCry insurance protection

In January Protean Risk produced the 2017 Cyber & Data Insurance Guide to answer the most frequently asked questions on the rapidly evolving subject of Cyber and Data Insurance.  

Since Friday's reports suggesting that hundreds of thousands of computers in more than 150 countries have been affected by the WannaCry computer malware attack, Protean Risk thought it would be useful to highlight the features of a typical Cyber and Data insurance policy which could be critical in the event of such an attack:

1. A 24/7 ‘breach response’ helpline to help you manage the incident.
2. Insurers’ breach response services include IT forensic investigation to assess the damage and scale of breach.
3. A specialist negotiator and cover for the costs associated with ransom demands.
4. Data recovery services, should negotiations or decryption keys fail. 
5. Specialist legal counsel and public relations support.
6. Cover for the expense of notifying individuals, along with offering credit monitoring for those whose data has been stolen or compromised.

As well as considering insurance, we recommend reviewing your cyber and IT risk management and security, for example:

• Upgrade all obsolete or unsupported systems and make sure you have applied the latest security updates.
• Make sure you have recent data backups and that they are separated from your network.
• Ensure email is passed through effective content filters and that all users are made aware of best practice in respect of links etc.
• Regularly review user access permissions to data.
• Implement two-factor authentication, especially to all remote access and online services.