Claims expert: 4 things to avoid if you suffer a cyber incident

In the hurry to get back online, it’s tempting to immediately reach out to different vendors you believe will help resolve the incident. But since there are many nuances to consider, doing so will only slow the process down and potentially have a negative impact on your claim. What if the incident isn’t what it first seemed? Can the selected vendor offer the level of service required for your size of business? Will the cost of a vendor exceed the amount covered by your policy? 

These are hard questions to answer, which is why we’re here to help. By contacting us straight away, our expert remediators will analyse the demands of your specific case. We’ll then reach out ourselves to trusted partners we know can help bring this type of incident to resolution. 

Negotiating with threat actors is a balancing act where one false move can result in disaster. Say you try to bargain down the price of a ransom too far, and motivate the threat actor to increase the ransom even further. Or worse, what if they end up publishing sensitive data in retaliation, resulting in a PR disaster for your business.

To avoid these pitfalls, we have a global team of specialist negotiators ready to respond on your behalf. Using their extensive threat intelligence channels, knowledge of the particular ransomware group and severity of the cyber incident, our experts will act in your interest in high-pressure negotiations, giving us the best chance of settling a reasonable ransom figure.

If it was easy to restore data, cybercriminals would be out of a job. One slight error when attempting a fix can end up wiping out everything, even if your backups hadn’t originally been destroyed. That’s not all. Sometimes the entire database isn’t affected by a breach. But erasing digital artefacts means you can’t tell who has been impacted, forcing you to notify the entire database regardless and leaving you worse off. Data erasure also makes it difficult to assess the exact nature and impact of the incident, which is essential in fixing, restoring and compensating the claim.

Fortunately, we’ve built the largest in-house incident response team in market, offering deep technical expertise to restore your data, repair your computer systems and get your business back up and running. What’s more, by leaving this tricky task to us, you can focus on what matters most: your business.

When an incident occurs, businesses often have an obligation to make a public statement. But once a statement is out there, there’s no going back; the incident could turn out to be less serious than first feared, but the reputational damage would already have been done. 

It’s important to strike the right balance. Saying too much too soon can damage reputations and mislead customers, so it’s best to reveal only the necessary details until we learn more. If you want to release a statement, or have an obligation to, get in touch and we’ll provide access to the professionals you need to get the balance right, from legal advice to crisis communications.