“Maybe Christmas, he thought, doesn’t come from a store. Maybe Christmas…perhaps…means a little bit more!” – Theodor Seuss Geisel, How the Grinch Stole Christmas

Merry Christmas!

Recently,  I was asked to explain why Cyber Insurance was necessary if offsite backups have my data protected.  It does sound like you are paying twice for protection but I assure you, Cyber Insurance is much more than a data backup.

First, lets look at how cyber criminals work. Their number one goal is to get access to your systems and data.  They get this through a variety of methods, the most common is a phishing email where an unsuspecting soul clicks a link which installs a backdoor.  Once the backdoor is available, the criminals have options.  Typically, they will encrypt the machine, rendering it useless and demand a ransom to unencrypt it.  Oddly, this is the scenario you hope for, because if they lurk in the shadows for months, gathering data, your problem just got a whole bunch worse! 

Think your data is useless to anyone but you?  Think again.  If you store social security numbers (payroll), insurance information (payroll), bank accounts (payroll), credit card info (customers/vendors), names & addresses (customers/vendors/employees) OR the golden egga spreadsheet with passwords to all of your online accounts, then you have data worth stealing.

So…you wake up one morning and discover you’ve been breached!! What do you do?  First hand knowledge says you Panic!  Then you Vomit!  Then you Pray! Then you call your Cyber Insurance Company!

The Cyber Insurance company will tell you “So Sorry, I don’t think this is covered by your policy!”  (And again, you Panic! You Vomit! You Pray!)  As a courtesy, they assign a lawyer and a forensics team to your case. 

The lawyer tells you not to worry, the insurance call center is not allowed to tell anyone their case is covered.  The forensics team swoops in and either confiscates the computers or takes images of all the infected computers.   If the criminals have been lurking in the shadows, forensics will want to examine the backups as well. 

Each scenario is different, but it is common for the Cyber Security Company to prohibit use of the computers until after the forensics team has given the “okay” .   Sometimes it takes hours, sometimes it takes days or weeks.   

You already know lawyers are expensive.  Lawyer fees look like a gift from God when compared to the fees of the forensics team!  And who gets to pay the lawyer and the forensics team?  The Cyber Insurance Company pays them!  You have Cyber Insurance, right? 

What happens next?  The Forensics team determines if any data has left the building.  If data has been extracted, they figure out who has to be notified of the leak. The Cyber Insurance Company will assist with the notifications and will offer credit monitoring and identity restoration if deemed necessary. 

If backups are corrupt, Cyber Insurance will negotiate the payment of ransoms.  They also assist with public relations expertise.  I don’t sell Cyber Insurance, but I highly recommend it.  No one pays for insurance with the intent to use it, but if calamity strikes, you will be incredibly grateful to have it.

If you need help securing your computers, give me a call.  I would be honored to assist.

 Wishing you a Very Secure & Very Merry Christmas!

For Your Holiday Enjoyment: My Favorite Christmas Play