Mining resilience: Leveraging insurance for incident recovery
Cyberattacks, fires, floods, earthquakes, and thefts. Operating a business entails certain unpredictable risks. A single event can wreak havoc. Though mining organizations may appear unlikely targets for cyberattacks due to their physical nature, this assumption is far from accurate. As their use of, and dependence on, technology expands, so does the vulnerability of their operations, widening the potential opportunities for attack.
For example, an attacker may target the automated machinery control system within a mine, causing it to malfunction or shut down entirely. Without the machinery’s functionality, the mine’s productivity could drastically decline. This business interruption, in combination with the costs to restore technology and networks, could result in significant financial losses and/or extra expense loss.
Understanding how cyber insurance can respond to the impact of these attacks is becoming increasingly important. The complexities of the insurance programs regarding instances of ransomware and cyberattacks are unique and challenging. These insurance contracts often include several policies that address business interruption, property damage, kidnap and ransom, and crime and fidelity. In addition, in the event of a claim, there could be numerous insurers and several insurance adjusters working on one related incident.
What can cause a cyber or network security insurance claim?
The answer continues to evolve and is not yet universal. Most cyber insurance claims are the result of employee mistakes and human error. Equally, most external cyberattacks, such as distributed denial of service attacks, phishing, and ransomware/malware campaigns, are more costly to those affected. Scenarios that involve cyber crime and/or trigger a cyber insurance claim may include the following:
> Extortion payments made by the company in the event of a ransomware attack.
> Funds transfer fraud attacks and business email compromises (BEC); a company is tricked into making a payment into an attacker-controlled account.
> Distributed denial of service attacks where a company’s servers crash due to the high volume of traffic directed to it by cyber criminals.
> Email hacks or other unauthorized actions (phishing, shoulder surfing, etc.).
> Juice jacking: compromise of devices such as phones and computers through the cables they share for charging and data transfer (USB), used to install malware on the device.
> Document manipulation or destruction.
> Access to sensitive business data being shared unlawfully by a company employee.
> Sophisticated equipment breached, impacting efficiency and resulting in decreased or lost production.
> The high cost (financial and reputational) of communicating to customers that their sensitive information has been exposed.
Ransomware and cyberattack costs covered by insurance
Most insurance policies mandate adequate security standards to help prevent and even mitigate any potential damages caused by ransomware and cyberattacks. Some policies may exclude certain incurred costs depending on the insured’s business practices, the occurrence of the cyberattack, and the policy overall. Although cyber insurance policies vary, some may provide coverage for the following:
> Lost profits from a cyber attack that interrupts day-to-day operations and services.
> Regulatory fines for data breaches.
> Legal defense fees resulting from data breaches.
> Costs to hire cybersecurity professionals to determine and repair any impacts of a cyber breach found in current systems.
> Credit monitoring service costs for parties impacted by a data breach or cyber attack.
> Ransoms paid to recover systems.
> Professional fees incurred to measure, document, and prepare the insurance claim.
Cyber threats are growing at an exponential rate globally: 71% of mining participants in EY’s most recent global information security survey have seen an increase in the number of disruptive attacks over the past 12 months, and 55% are worried about their ability to manage a cyber threat. Understanding how your insurance interacts with your operations is critical to allow you to restore your business and recover what was lost.
NADIA ZED leads Canada’s mining and metals insurance claims services practice as a member of the insurance claims services team within the forensics practice at EY.