Home / International / Aon, Crawford share expertise in new cyber claims guide
22 November 2021
Aon and Crawford & Company have pooled their combined cyber experience to produce a useful guide explaining how best to maximise preparedness for a cyber claim.
The pair have published the Guide to Successfully Managing Cyber Claims as ransomware attacks continue to surge, and say control and containment are key to managing both cyber incidents and resulting claims.
It seeks to shine more light on the potential threat, help organisations mitigate the risk and understand how, if an incident should happen, they can manage their cyber insurance claim as effectively and efficiently as possible.
Crawford’s global head of Cyber Paul Handy says organisations should focus not only on risk prevention but also preparedness in the event of a cyber incident, and a key part was understanding the claims process.
“Cyber-related business interruption is a costly and potentially ruinous expense,” he said. “By engaging with a loss adjuster with full-time responsibility to support the insured through the assessment and quantification, policyholders can be much more confident in achieving their desired outcome.”
Aon Global chief claims officer Neil Harrison says cyber risk ranks as the number one current and predicted future risk globally and organisations should be ready to work in collaboration with their loss adjuster, together with their broker, insurer and other advisers to manage the claims process in the immediate crisis phase and in the recovery.
“We are committed to helping our clients make better decisions when navigating this increasingly complex risk and come through an incident with their balance sheet and, just as importantly, reputation intact,” Mr Harrison said.
Instances of ransomware attacks are increasing as cyber criminals become more adept at targeting the “economic pain points” to maximise financial returns, and Aon and Crawford recommend that organisations create a “preparedness posture”, detailing management roles post incident and what specialist support may be required, including IT, accounting and legal.
“While the model of stealing and selling Personal Identifiable Information (PII) in its own right has declined because it is getting harder to monetise – these records have little value on the dark web –an organisation facing the threat of having to disclose to clients that their valuable data was exposed, or inform regulators that millions of PII records were released, is willing to pay to prevent this from happening,” the guide says.
It advises that organisations review existing insurance policies to understand how coverage will respond in the event of an incident. Early engagement with the insurer and agreement to certain courses of action can help ensure a smoother journey to resolution in the event of a claim, it says.
The guide says threat actors have also improved the technology around ransomware, making it more difficult for organisations to restore compromised systems from back-ups, and are targeting organisations whose disruption impacts other businesses that cannot wait for the victim organisation’s backups to be restored.
“It’s not just the organisation’s own business interruption, but the potential damage caused to customers and business partners, that also raises the stakes,” it says.