Working toward an understanding of these potential risks requires collaboration among your business teams, your information security teams, your legal teams, and then working with an experienced cyber insurance broker who understands the risks, the costs associated with those exposures, and consequently help you to assess what coverage is required.
"When a company experiences a cyber attack…those can be quite expensive. And the costs can be myriad. It can be the cost of having to hire a third party to forensically investigate and the cost of hiring outside counsel, like myself, to help navigate the notification and regulatory obligations.
It can be the cost of having to notify individuals. It could be the cost you suffer from the loss of business or business interruption…the cost of replacing hardware and software [impacted] by the incident.
And then it could be the cost of having to defend against litigation or regulatory inquiry or the imposed costs of remediation and compliance data, privacy compliance, following an incident."
—Kari Rollins, Managing Partner, Sheppard Mullin