Beware the Fine Print When Making Cyber Insurance Claims
Don’t Let Insurers Deny Your Cyber Insurance Claims
The process for making cyber insurance claims is almost identical to making auto insurance claims, and as anyone who’s been on the receiving end of a denied auto claim can attest, the devil is deep in the details: you can only take your car to the dealership for repairs, you can’t use after-market accessories or third-party parts (even if there are a bunch lying around and it will take your dealership six weeks to get the official brand back in stock), you can’t get it fixed in weeks when Virgo is ascending, and on and on and on. If you’re not familiar with your policy’s terms, your claim will most likely be denied.
What most organizational leaders understand academically but usually don’t fully realize (and therefore fail to account for in their plans) is that regardless of marketing and advertising, or how many reassurances insurers make that you’re their number one priority, in the end insurers’ goals will never fully align with their clients’. So even if they could help by overlooking an irrelevant detail in a claim, they almost never will, because doing so would be at odds with their goal of maximizing premiums and minimizing payouts. And just to be clear, this isn’t an attack on workers in the industry; salesmen and call-centre operators can and often do whole-heartedly believe their pitches. However, the reality is that while, yes, insurance companies would prefer their clients remain successful so they can keep paying premiums, none are going to risk their own bottom line for yours.
As a result, and like it or not, the legal language of each policy’s terms of service almost always leaves insurance companies in charge of how to deal with an incident, and that’s not good news for you.
Cyber Insurance Claims and IRPs
Like auto policies forcing you to use specific mechanics for authorized repairs or to avoid third-party parts, cyber insurers may want to investigate devices that have been infected with ransomware, or even have you attempt to negotiate with your attackers for decryption. Both of these options conflict with the most important thing to your organization, which is to get back up and running. Exactly what each insurance company requires you to do will vary depending on the situation, but what won’t change is the need to carefully evaluate your insurer’s process, proceed with caution, and strictly adhere to any conditions or limitations imposed on handling affected equipment and getting repairs.
That’s why it’s important to include your insurer’s requirements when developing your cybersecurity Incident Response Plan (IRP). Data breaches, ransomware attacks, and cybersecurity events in general are stressful and expensive. The last thing you want is to give your insurer an excuse to deny your claim or discontinue your coverage. Rather than developing an IRP based exclusively on your own organization’s needs, review your policy and its fine print, and consult with your insurance company, to ensure any actions they dictate are properly integrated into the plan. Doing so helps reduce how many claims they can get away with denying.
If you’d like help making cyber insurance claims, or reviewing your policy and working it into your IRP, contact a TRINUS IT specialist and we’ll be happy to help out with some stress-free IT.
This quote comes from Shakespeare’s Hamlet: “Give me that man that is not passion’s slave, and I will wear him in my heart’s core, in my heart of heart, as I do thee.”