You’ve taken a rare holiday to visit relatives abroad. While you’re sipping your first cocktail of the evening your phone chimes. It’s the office back home. Your database administrator needs to notify you of a problem at your network services provider. The cause is not yet clear but the contingency plans worked well and the network is back up and running. Everything seems to be okay. You go back to your drink.
The next day you get an update. It’s now thought a hacker was involved and there’s a chance customer records were compromised. Somehow, the local TV news has the story and they’ve called your office asking for a comment. Your holiday comes to a premature end. Your IT team needs specialist help assessing exactly how the hacker got in and what data was stolen. Your operations director needs you to urgently approve a £15,000 retainer for a computer forensics specialist to help investigate the breach. He tells you that you have to do this if you’re to have any hope of maintaining PCI DSS compliance.
By mid afternoon the following day the story has broken on the news services and your receptionist is overwhelmed with calls from anxious customers and the media. A lawyer who claims to represent “concerned parties” has also been in touch. You need to ramp up your PR and hire additional resources - fast.
By the end of the week the network forensics are still ongoing but you don’t yet know the full extent of the breach. It looks like payment records may be involved. It’ll take at least another ten days and another £10,000 to ascertain the full details – money that your CFO says isn’t in your budget. Your counsel also urgently needs to know exactly what data were compromised in order to comply with breach notification legislation.
The regulator has launched a formal investigation. You and several colleagues must attend hearings. A payment card issuer’s fraud department has written to warn you that if your merchant’s database was compromised, you may be contractually liable for losses.
By the time the dust settles:
Annette B, Company Secretary, ICT
You can call us to talk more about your business on +1 646 665 7737
Specialist & Independent
La Playa's specialist Science & Tech team can help you protect your business with smart, flexible, high-performance insurance - with a friendly human UI. We understand the risks and pressures you face - and we speak your language. We’ll support you with great advice - helping you make good decisions for your business.
Advice You Can Trust
…from an expert who understands you
Tech-based business is 24/7, global and borderless, always exposing you to new risks and liabilities - often in unfamiliar places. As the law struggles to keep pace with technology, insurance can provide a real safety net if you fall foul of changing legislation.