“We’re in a time of emerging and evolving cybersecurity and privacy regulations and companies need to be diligent in their preparation and adherence. To mitigate a loss of service and ensure risks are assessed and appropriately protected, essential service companies will need to look beyond technology and ensure their protections are also adequately addressing employee risks since our data shows employees are ultimately the weakest link in most events. As we’ve seen in other regions with similar regulations, cyber insurance can also play a significant role in helping companies respond to a breach, mitigate damage and protect the balance sheet.”
Jamie Monck-Mason, Executive Director in Willis Tower’s Watson Cyber practice and a wording and policy expert, also commented:“While it may be easy to think of the NISD as yet another compliance burden, companies should harness it for business advantage and bolster their cyber risk strategies by: creating a cyber resilient culture so employees feel prepared for future incidents; enhancing supply chain trust and resilience by engaging third party suppliers and customers in cybersecurity processes and business continuity measures and approaching cyber risk transfer more analytically.”
“Insurance can provide improved cyber resiliency by: restoring data, software and system functionality; covering the costs of regulatory investigations; defending third party cybersecurity claims; mitigating reputational damage; as well as covering breach response costs and network business interruption losses.”
|