November 10, 2022

4 Cyber Incident Response Steps for Your Clients: A Broker's Guide

Cyber incidents are becoming increasingly common, and no organization is immune. Recent studies have predicted that the cost of cybercrime will top $10.5 trillion by 2025.

Many businesses globally have already been the target of attacks. However, this doesn't mean that they won’t be able to find coverage in the future.

In the event of a cyber incident, it is critical to have a coordinated and well-planned response. This is where brokers can play a vital role.

A broker with experience in cyber incident response can help clients navigate the complex landscape of post-incident claims and ensure they are able to bounce back from a potential attack.

Here are 5 ways in which a broker can help a client after an incident:

How to help a client after a cyberattack

  1. Assist their IT team
  2. Verify the facts
  3. Establish an attack timeline
  4. Focus on moving forwards

1. Meet with their IT team

Depending on the size or sector of your client, they may house an in-house IT department. If so, it's imperative to contact them in the first instance, as they will be able to paint a more in-depth picture of the company's security protocols.

Smaller clients may have chosen to leverage an MSP (Managed Service Provider) for this, so you may need to reach out to a third party when attempting to understand their level of network security.

2. Verify the facts

The simple fact is your client may not know what levels of cybersecurity they have in place across the multiple layers, systems, and applications in the business - this may be especially true of a smaller company utilizing an MSP.

But it is important that you probe them as much as possible to uncover and identify all pertinent facts. Larger international companies with subsidiaries may also have difficulties pinpointing whether MFA, EDR, or MDR safeguards have been implemented across all endpoints and networks.

3. Establish the timeline

Now that you know more about the client's cybersecurity landscape and defenses, you can start to ascertain a picture of how the latest incident occurred. To do this, there are a few key queries you'll need to make:

  • How did the breach happen?

This could be where that meeting with IT begins to pay dividends. You should be able to speak with them to find out the attack vector and whether it happened because of human error or tech, such as an obsolete application not being terminated.

  • What did the attackers take, and were backups encrypted?

Next, it's important to establish what (if anything) was taken or affected in the attack. If they've fallen victim to a Ransomware attack, then their systems will have been maliciously encrypted. However, some Ransomware variants are more aggressive than others and can even result in backup files becoming encrypted too.

  • Did they notify any affected customers?

Now you know what type of attack you're up against, you should then move quickly to establish whether customer data was breached. If so, were the appropriate steps taken to notify the affected parties?

Once you have established the answers to these questions, you can start thinking about future measures to prevent further attacks. But the first step into that safer future means analyzing what additional safeguards were implemented in the wake of the last attack.

4. Future safeguards

At this point, you should have a strong indication as to your client's current level of protection and what the risk landscape looks like in their particular field. Now you need to establish a route forward that will improve their cyber resiliency. That's where 1Fort comes in.

Our cyber insurance solution brings together best security practices and insurance to deliver market-leading protection for your clients. The affordable solution can be implemented in minutes and adapted to suit any business size. So they can start protecting their entire business, whether they are a family-run real estate firm or a multi-national conglomerate.

Final thoughts

Stats show that cyberattacks cost businesses on average $200,000, no matter the company size. These numbers could be truly devastating for your client base.

With that in mind, as a broker, you want to ensure your clients have the best possible protections in place. Talk to 1Fort today for more information about our leading service or to request a demo.