Brokers placing cyber insurance should advise their commercial customers that it’s not enough to just have a plan to respond to computer security breaches they need to test the plan, or “red-team” it.
“An incident response plan is not fully implemented and useful until it has been tested,” Terri Mason, assistant vice president of cyber and professional liability at CNA Canada, said in an interview Thursday with Canadian Underwriter.
Brokers may not be information technology experts, but they can still advise clients to make sure they have a plan to respond to cyber security incidents, said Mason. An incident response plan provides “detailed instructions” for responding to incidents such as distributed denial of service attacks, data breaches, employee error, virus and malware outbreaks.
Continue reading the full article published by Canadian Underwriter.
Vous quittez maintenant le site Web de CNA Canada. Nous ne sommes pas responsables du contenu ou de la disponibilité des sites liés.
Les politiques de sécurité et de confidentialité de ces sites peuvent différer des politiques de CNA. Veuillez lire attentivement les politiques de protection des renseignements personnels et de sécurité des tiers.
Si vous avez des questions ou des préoccupations concernant les produits et services proposés sur les sites Web tiers liés, veuillez contacter directement le tiers.