Cybersecurity Awareness

October 18, 2024

What Your Company Should Know in 2024

In today’s digitally-driven landscape, cybersecurity has become a critical aspect of safeguarding sensitive data and preserving the integrity of businesses. As organizations increasingly rely on interconnected systems and digital platforms for operations, the risks associated with cyber threats continue to escalate. From data breaches to ransomware attacks, the consequences of inadequate cybersecurity measures can be severe, leading to financial losses, reputational damage and legal liabilities. Below are a few of USI’s guidelines for preventing and responding to cybersecurity attacks.

Preventative Measures:

1. Empower the organization’s first responders. Make sure those who are on the IT team are properly trained and informed of what to do.

2. Conduct risk assessment and implement data security improvements before being asked by a regulator.

3. Talk to your IT security staff:

a. Gain an appreciation of the many challenges and risk landscapes.
b. Not many organizations can say how many records they have; what type of data is being collected, stored, shared and protected; where all the data resides; when is it purged; etc. Make sure this information is common knowledge.

During an Incident:

1. Understand your data – what it is, where it is, who has access to it and if you need it.

2. Understand contractual obligations to secure data and report security incidents.

3. Understand legal and regulatory framework applicable to organization and data.

Incident Response:

1. Invoke your breach counsel. This is done by calling the breach hotline or phone number listed on your policy. The assigned law firm’s fiduciary duty is to you the policyholder and does not provide notice to the carrier.

2. Your broker will provide written notice to the primary and excess cyber insurers via email on your behalf.

3. You will receive a telephone call from the breach counsel who will further instruct you on the next steps. This may include retaining the carrier’s panel providers – IT forensics firms, public relations experts, public relations experts and ransomware and bitcoin consultants ransomware and bitcoin consultants.

To see the full cybersecurity playbook, visit www.mheda.org/usiplaybook.

If you have questions, feel free to contact:

Dru Wilson, manufacturing vertical leader at Dru.Wilson@usi.com

Timothy J. Gotta, Esq, cyber practice leader, Tim.gotta@usi.com

Zach Allread, principal/ director of IM&E, Zach.allread@usi.com

USI ONE Advantage® is a MHEDA Member and provides a set of client-customized, actionable, measurable solutions with bottom line impact on your business through cost reduction and coverage enhancement resulting in an improved Total Cost of Risk and Employee Benefit trend advantage.