Cyber Incident Response 

⇒  Incident Response Costs 

The Insurer agrees to pay any reasonable sums necessarily incurred by the client, or on the client’s behalf, as a direct result of a cyber event first discovered by the client during the period of the policy to:

• Gain access to our 24/7 cyber incident response hotline;
• Engage with our cyber incident manager who will coordinate the initial response;
• Obtain initial advice and consultancy from the Insurer’s cyber incident manager, including threat intelligence in relation to the cyber event; 
• Obtain initial remote support and assistance from the Insurer’s cyber incident manager to respond to the cyber event.

⇒  Legal and Regulatory Costs 

We agree to pay on your behalf any reasonable sums necessarily incurred by you, or on your behalf, as a direct result of a cyber event first discovered by you during the period of the policy to:

• Obtain initial legal advice to determine your privacy breach notification obligations;
• Draft notification letters, substitute notices, website notices or e-mail notification templates; 
• Notify any appropriate government, regulatory, law enforcement, professional or statutory body.

⇒  IT Security And Forensic Costs 

The Insurer pays any reasonable sums necessarily incurred by the client, or on the client’s behalf, as a direct result of a cyber event first discovered by the client during the period of the policy to:

• Engage with an external IT security consultant to identify the source and scope of the cyber event;
• Obtain initial advice to remediate the impact of the cyber event;
• Conduct a forensic investigation of your computer systems where reasonable and necessary or as required by law or a regulatory body (including a requirement for a PCI Forensic Investigator);
• Contain and remove any malware discovered on the client’s computer systems; 
• Engage with an IT security consultant to provide expert witness testimony at any trial or hearing arising from the cyber event.

⇒  Crisis Communication Costs 

The Insurer covers any reasonable sums necessarily incurred by the client, or on the client’s  behalf, as a direct result of a cyber event first discovered by the client during the period of the policy to:

• Engage with a crisis communications consultant to obtain specific advice in direct relation to the cyber event;
• Coordinate media relations in response to the cyber event;
• Receive training for relevant spokespeople with respect to media communications in direct relation to the cyber event; 
• Formulate a crisis communications plan in order to reduce damage to your brand and reputation as a direct result of the cyber event.

⇒  Privacy Breach Management Costs 

The Insurer pays any reasonable sums necessarily incurred by the client, or on the client’s behalf, as a direct result of a cyber event first discovered during the period of the policy to:

• Print and post appropriate notices for any individual affected by the actual or suspected cyber event or send e-mail notices or issue substitute notices;
• Provide credit monitoring services, identity monitoring services, identity restoration services or identity theft insurance to affected individuals;
• Set up a call center to manage inbound and outbound calls in direct relation to the cyber event; 
• Provide translation services to manage communications with affected individuals.

⇒  Third-party Privacy Breach Management Costs 

The Insurer pays any third party any reasonable sums necessarily incurred as a direct result of a cyber event first discovered by the client during the period of the policy to:

• Print and post appropriate notices for any individual affected by the actual or suspected cyber event or send e-mail notices or issue substitute notices;
• Provide credit monitoring services, identity monitoring services, identity restoration services or identity theft insurance to affected individuals;
• Set up a call center to manage inbound and outbound calls in direct relation to the cyber event; 
• Provide translation services to manage communications with affected individuals;
• Provided that the client has contractually indemnified the third party against this cyber event that they have a legal obligation to notify affected individuals and that any costs incurred are with a provider that the Insurer has selected and approved in conjunction with the client.

⇒  Post Breach Remediation Costs 

The Insurer agrees to pay any reasonable sums necessarily incurred by the client, or on the client’s behalf, with the Insurer’s cyber incident manager for any services that will mitigate the potential of a future cyber event following a cyber event.