Cyber Insurance , Governance & Risk Management , Video
Avoiding Pitfalls in the Cyber Insurance Application ProcessPasich LLP's Tae Andrews on Tailoring Insurance Coverage to Incident Response Plans
Cyber insurance applicants should provide detailed responses that clarify the nature of their business to avoid claim denials in the event of a security incident.
See Also: SOC: Build vs. Buy - When Is It Right?
Pasich LLP Senior Managing Associate Tae Andrews urged applicants to "interrogate the interrogator" to push back on vague questions and figure out precisely what information the insurer is seeking and thereby avoid future misunderstandings. Insurance applicants should use protective language in their responses that clarifies how the question applies to their line of business and the data they have (see: Pay Attention to Fine Print on Cyber Policy War Exclusions).
"When your renewal period comes up, there's a great opportunity to tailor the coverage and make it align with your incident response plan," Andrews said. "One of the easiest things you can do is try to get your preferred vendors - your preferred forensic investigation services, defense firms, PR firms - preapproved on your policies and prevent any problems later."
In this video with Information Security Media Group, Andrews also discusses:
- How policyholders can most effectively take advantage of insurance brokers;
- The most common unnecessary disputes between customers and their carriers;
- Why policyholders should cast a wide net when sending notifications about a cyber incident.
Andrews has recovered hundreds of millions of dollars for corporate policyholders in coverage disputes with their insurance companies. He has litigated in state and federal courts, representing clients in disputes under commercial general liability, directors and officers, commercial property, professional liability/errors and omissions, builder's risk, and other types of insurance policies.