Crisis manager Crawford & Company explains

Cyber criminality can take on a number of forms – but one aspect always remains constant: the criminal energy of the attackers!

The hackers’ motivation is to seriously disturb a company’s operations and to gain a financial advantage from the criminal act – with correspondingly negative consequences for the parties concerned. If this scenario occurs, the following are crucial: good preparation and professional and coordinated actions!

Attackers usually gain access to the IT systems of the parties concerned and the sensitive data stored on these systems. In the past, the main focus of the risk assessment was often on the associated data protection and regulatory aspects. These aspects must always be taken into account, as otherwise there is the potential for hefty fines from the supervisory authorities. The recent past shows that authorities are increasingly imposing these types of fines due to data breaches (e.g. in accordance with the GDPR).

Fraudulent emails and encryption Trojans

The usual attack vectors are still often email fraud or attacks with encryption Trojans (ransomware). Over the past 12 months, we have been monitoring the trend towards increasing targeted attacks that are often based on social engineering (e.g. by phishing emails) in conjunction with complex, smart and automated malware (such as e.g. Emotet which is deemed to be one of the most destructive and cost-intensive malwares).

The damage and losses resulting from cyber incidents may take on significant proportions in many cases. In addition to the regulatory aspects mentioned and data protection, the potentially significant damage to the company’s reputation and the financial losses of this company must also be taken into account.
The financial losses incurred are not restricted to the monetary expenditure for restoring data, IT forensic analysis and the evaluation of the attack, and to the costs of involving specialist lawyers and PR consultants. Financial losses that result from the temporary standstill of businesses or even entire corporate groups are increasingly playing a leading role in the risk assessment.

Crisis management with professional help in the event of damage

In addition to preventative measures for defence against and prevention of attacks, acting quickly and professionally in the event of damage or loss is usually the key to best overcoming cyber incidents and reducing the resulting damage and losses. In terms of crisis management, an external crisis manager may coordinate the management processes involved centrally together with the companies involved. With access to a carefully chosen and extensive network of external specialists as a result of framework agreements with IT forensic experts, lawyers and PR consultants, Crawford has the resources to offer active support in the event of damage or loss. Experts experienced in major damage and losses work at Crawford as crisis managers to offer support during the whole process, from the initial analysis and mitigation of the incident to the subsequent damage claims process as part of cyber insurance. This fully integrated crisis and claims management process represents a smooth and efficient solution for the entire cyber insurance claim.

GrECo best practice recommendations for mitigating the damage of a cyber incident

Florian Sättler is Head of Cyber Services, Germany/Austria and works as a Cyber Incident Manager at Crawford & Company (Deutschland) GmbH. The qualified industrial engineer started working as an expert in insurance claims for Crawford Global Technical Services (GTS) in 2014 and investigated various large national and international claims in the commercial and industrial sector. He has been an accredited Crawford GTS Cyber Incident Manager since 2017 and is responsible for crisis management/incident response in the event of cyber incidents, with a focus on Germany, Austria and Switzerland in cooperation with Crawford network partners.
Crawford & Company is the world’s largest listed and independent claims provider and has been helping policyholders and insurers with the solution-oriented processing of claims resulting from cyber criminality since 2014, using the Crawford CyberSolution. Crawford & Company has approximately 9,000 employees globally and has already processed well over 1,000 cyber claims.

Related Insights