As we kick off 2014, I am starting the New Year with an interview series, which will provide an overview of the cybersecurity industry. In the final part of this three-part series, I spoke with Marsh's Senior Vice President of Network Security and Privacy Practice, Matt McCabe, discussing various components of the cybersecurity market. At Marsh, Mr. McCabe is responsible for advising clients on emerging cybersecurity trends and issues and ways in which they can address their unique data and privacy needs. What's more, Mr. McCabe has more than a decade of experience in the legal and cybersecurity realms. He served as senior counsel to the U.S. House of Representatives Committee on Homeland Security, where he advised congressional representatives on federal, state, and local policy involving cybersecurity, data protection, and privacy law. Specifically, in this interview, we examine unique approaches to handling cybersecurity and the process for handling a breach once it is discovered.
How intimately involved is a broker like Marsh when one of your clients discovers a breach?
Following a data breach, the first people who a client should call are the professionals who will lead the response: counsel, forensic services, notification services, public relations firms, etc. At Marsh, we stress the necessity of having these relationships established before a breach occurs. However, we work with clients throughout the breach and after to educate them on how their coverage will respond.
Do you maintain a list of preferred security vendors, forensic analysts, security consultants, etc. for clients to use?
Marsh has long-established relationships with security consultants on whom we rely to keep updated on current threats so that we can appreciate threat environments and educate our clients. We can also work with underwriters to have a client's preferred vendor pre-approved for coverage under a policy.
A lot has been made about counterfeit parts that are built containing malware -- are those kinds of new threat vectors something that can be insured against?
Implanted malware is not the only threat. Flawed software code is a leading contributor to cyber security incidents and may become more prevalent if the U.S. government or companies resort to outsourcing to the lowest bidder. Network security coverage can respond to third party losses due to the company's failure of software, which might result in spreading malware to the third party's system or releasing confidential information of the third party, as well as the first party's data loss, business interruption losses and extra expenses for restoring a network. Obviously coverage for any loss or claim would depend upon the unique facts and circumstances of the actual event.