Kroll Managing Director, Brian Lapidus, responded to a Wall Street Journal article (subscription required) by Gregory Millman, in which Millman describes a strong demand for a cyber insurance policy and the potential risks involved with burgeoning and untested products and offerings:
When your reputation is on the line, having a cyber insurance policy provides the added value of the carrier having done the legwork for evaluating the vendors and partners you need for effective data breach prevention and response. From identifying lawyers to assist with a myriad of legal/regulatory challenges, to pinpointing investigators to help understand what happened and what data was compromised, and finally short-listing vendors who can help respond tactically to fulfill notification requirements and consumer remedy, this is a valuable benefit that should not be overlooked.
In Kroll’s experience, this last item is especially valuable. We have found that while organizations tend to have the best of intentions when it comes to responding to a data breach, they overlook opportunities to craft response plans that truly fit their needs. Given the vast array of scenarios that can give rise to a data security incident, breach response can’t be solved with a “one-size-fits-all” or checklist approach.
By Kroll Editorial Team