Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions

The Importance of Forensics in a Cyber Attack


The Importance of Forensics in a Cyber AttackOn numerous occasions, we have discussed the importance of having a strong cyber plan in place that outlines the steps to take before and after a data breach or compromise occurs, including having a robust Cyber Liability insurance policy to respond to the various costs incurred in the wake of a incident. One of these costs involves forensic investigation by a security firm to determine the extent of a breach, and where and how the breach occurs. This information will help drive a company’s decision-making when responding to an incident.

Well-crafted Cyber insurance will include coverage for forensic expenses. In some cases, depending on the insurance company, the policy will provide the security firm to conduct the forensic investigation. In other cases, the insured chooses the firm. In selecting such a firm, it’s vital that you partner with a company prepared to work with you the moment you become aware of a potential incident. This means that identifying and onboarding a security firm before an incident arises is a smart decision. By so doing, you can have your agreement and statement of work in place should an cyber incident occur, and immediately begin the forensic investigation and subsequent required notification process.

When choosing a primary security firm as part of your incident response preparedness efforts, be sure to consider the following, courtesy of Data Privacy Monitor.

  • Capability: Look at how a company conducts their investigations. Do they have tools that provide visibility to endpoints quickly, that can capture network traffic, and a good repository of current Indicators of Compromises (IOCs) to quickly look for signs of a compromise? Will they help with operational issues when doing remediation? How do they help companies with containment plans and short-term/long-term remediation recommendations? Do their tools work in your environment, and do you need individuals with specific subject-matter knowledge because you have a less-common environment?
  • Capacity: Are you comfortable the firm will have a good team available when you call? Will they actually tell you that they do not have a team ready so you can turn to your backup instead of waiting a week or two for their team to finish a different investigation? Do they offer a retainer arrangement?
  • Credibility: Will stakeholders have confidence in their findings?
  • Terms of agreement: How will they address the steps to preserve attorney-client privilege and work product, confidentiality and security of data provided to the forensic firm, limits on liability, indemnification, and appropriate scope of work and related costs?
  • Cost: Most firms charge on an hourly basis. Some have rates that vary by experience, and some are flat for all investigators. However, some will require you to pay up front for a number of “budgeted” hours, and they may not refund any unused hours (or they will manage to use all of the budgeted hours). Are there equipment charges?
  • Experience: Do they have experience responding to the types of incidents you are likely to face?

Being prepared before a cyber incident is critical for crisis and reputational management and getting ahead of the messaging while also remaining compliant with regulations. This involves having a strong incident management plan along with the right partners and the right insurance program. At Axis Insurance Services, we specialize in Cyber Liability/Privacy & Network Security insurance and can assist you with securing a policy that addresses your needs. We can review each component of the policy including coverage for the forensic investigation needed to vet a breach. Give us a call at (877) 787-5258.

Comments

comments

Blogged on: December 16, 2015 by Mike Smith
Error Omissions
Error Omissions
Submit your information below so we can contact you with a FREE quote
[All fields are required.]
Actual Annual Revenue:
Verify:
=
I have read and agreed to theTerms & Conditions
Error Omissions
Error Omissions