EPISODE · Feb 21, 2024 · 17 MIN
“Best Practices: How to Protect Your Business Against Bad Actors & Cyber Threat”
from Chattinn Cyber
Tech-related business insurance is evolving fast and Anthony Dolce, our guest on this episode of Chattinn Cyber, is a thought leader at the forefront. As head of Professional Liability & Cyber Underwriting at The Hartford, he brings 25 years of industry expertise to the myriad issues shaping policy development and recommended coverages for businesses – whether tech giants or third-party users of technology. Anthony explains the differences between Cyber and Tech Errors & Omissions (E&O) policies – as well as who needs which and in what combination. He also highlights for Host March Schein, National Co-Chair of the Cyber Center for Excellence, the confluence of factors that make tech companies such attractive targets for threat actors. You’ll learn about the most common – and damaging – cyber liabilities out there; things like network attacks, ransom ware assaults, data breaches, business interruption, data restoration costs and third-party vulnerabilities. And don’t miss our guest’s comprehensive list of best practices to control risk for companies of all kinds, whatever their core business. “Nothing’s a silver bullet, but you can help mitigate potential exposure,” says Anthony, whose Connecticut-based career began in claims before migrating to underwriting. Find out what differentiates The Hartford’s Tech E&O and Cyber insurance solutions and how their team of experts guarantee insureds the best possible outcomes when privacy breaches, data hacks or other negative events occur. (Hint: specialized expertise and preparedness are key!) Key Takeaways: Why taking a leap and moving to the business side at The Hartford was one of those pivotal choices that changed the course of Anthony’s career – and all too the good! From claims to underwriting: How Anthony made the jump and why it has shifted his focus. About the collaborative, social elements that define much of the underwriter’s process and goals. What’s a Cyber Policy? If you’re doing business of any kind on the internet, then you probably need some form of coverage. What’s a Tech E&O Policy? If you providing a tech service of some kind, then you probably need some form of coverage. At the intersection: A look at insurance policies that simultaneously cover exposures in the realms of both Cyber and Tech C&E exposure. About the evolution of Tech E&O + Cyber and coverages required in an internet economy full of data transmittal, management and risk exposures. Why large technology companies are such high-value targets for threat actors eager to double-dip by accessing downstream secondary client information. How The Hartford differentiates itself as an established carrier with a wide array of solutions for any business eventuality: Stand-alone Tech E&O coverage. Tech E&O coverage + cyber coverage. A wide variety of mix-and-match options. Specialized tech expertise to ensure optimal insurance outcomes. About potential cyber liabilities unique to technology firms: Network cyber-attacks. Ransom ware attacks. Data breaches (and related extortion). Business interruption. Data restoration costs. Professional/product exposure due to third-party contractual, regulatory or subrogation issues. Supply chain and systemic risk: A closer look at the variety of vulnerabilities passed down to companies impacted by global industry events. Recommended best practices to note: Perform regular software composition analyses. Deploy tools to track vulnerabilities. Undertake regular code reviews, including both static and dynamic scans. Implement regular in-house or third-party security and resiliency testing. Develop a solid IRP (Incident Response Plan). Ensure that your cyber insurance carrier is an integral part of your IRP. Stage incident response table-top exercises to align all stakeholders. Establish a roll-back plan to close vulnerabilities and limit negative events. Monitor your product and its resiliency. Remember: There are no silver bullets; only solid preparation maximizes risk mitigation and rapid recovery. Key Quotes: “You only get so many pivots in your career, as I tell junior folks, and so I jumped at the challenge to be on the business side (at The Hartford) and I’m happy I did.” – Anthony (01:50) “With underwriting, everyone is generally trying to get to a point where there’s agreement, a deal, a win. And that’s one of the things I really like about it.” – Anthony (02:54) “When breach and notification laws came into existence when California passed its first law around 2000, you started to have the need for a number of different coverages both for first-party and third-party.” – Anthony (05:49) “Tech companies accounted for nearly a quarter of ransom ware attacks within the last few years … and part of that is that they’re just a very attractive target by virtue of their interaction with clients and what they do.” – Anthony (08:32) “You really do need specialized tech expertise (to) get the best result for your insureds and guide them through what can sometimes be a complicated scenario with both first-party and third-party coverages, depending on what’s happened.” – Anthony (10:34) “One of the biggest areas of concern when I speak to general folks in the cyber marketplace is supply chain and systemic risk.” – Marc (12:42) “Make sure you’re making your cyber carrier an integral part of (your) IRP. Utilize their resources and their claims folks, because they’re in-house experts at what they do.” – Anthony (15:46) “For an incident response plan to be good, you need to test it and make sure that the decision-makers are in the loop.” – Anthony (16:03) “Nothing’s a silver bullet but you can help mitigate potential exposure.” -Anthony (16:50)   ABOUT OUR GUEST: An insurance professional with 25 years of experience in law and a wide variety of insurance-related positions in North America, Anthony has handled thousands of cyber and privacy matters and frequently speaks and writes on legal/insurance related issues. He has also managed teams handling a variety of lines of business including Cyber, Healthcare, Technology, Media, Employment Practices Liability, Errors & Omissions and Directors & Officers liability. Anthony is a graduate of UCONN Law School and a member of the Connecticut bar.
NOW PLAYING
“Best Practices: How to Protect Your Business Against Bad Actors & Cyber Threat”
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.