How risk managers can help businesses strengthen cyber resilience
Technology and AICyberManagement LiabilityWhitepaperOctober 3, 2023
Cyber risk may be shadowy and ever-shifting, but preparing for it doesn’t have to be. Today, risk managers can and should play a key role in helping their company shape a smart cyber incident response plan. Why? The stakes are too high and the potential impact too extensive to leave the responsibility solely to the Information Technology (IT) function.
Cyber resilience today requires collaboration among Information Security (i.e.., the Chief Information Security Officer), Risk Management, Legal and others. Considerations include the potential business impact of malware, crippling supply chain attacks and stringent regulatory requirements. Cyber risk is evolving, and risk managers at many companies are being asked to bring their perspective to a highly technical discipline. In some cases, they’re being asked to lead efforts to strengthen cyber resilience without the necessary information and tools to be effective.
Seeing the need, Zurich offers insights to help risk managers assist their organizations in preparing for and responding to cyber threats. The white paper here covers the building blocks of an effective cyber incident response plan, including:
- Which aspects are most critical
- Where some plans fall short
- Why practice pays off
Managing cyber risk effectively can help deliver a clear return on investment for a business, one that the C-suite appreciates and that helps protect customers and their data.
Want to strengthen your company's cyber resilience?
Download the PDF
Zurich Cyber Resilience White Paper (3.32 MB/PDF)
This whitepaper has been prepared by Zurich North America (“Zurich”) and the opinions expressed herein are those of Zurich as of the date of writing and are subject to change without notice. The information in this publication was compiled from sources believed to be reliable for informational purposes only. All sample policies and procedures herein should serve as a guideline, which you can use to create your own policies and procedures. We trust that you will customize these samples to reflect your own operations and believe that these samples may serve as a helpful platform for this endeavor. Any and all information contained herein is not intended to constitute advice (particularly not legal advice). Accordingly, persons requiring advice should consult independent advisors when developing programs and policies. We do not guarantee the accuracy of this information or any results and further assume no liability in connection with this publication and sample policies and procedures, including any information, methods or safety suggestions contained herein. We undertake no obligation to publicly update or revise any of this information, whether to reflect new information, future developments, events or circumstances or otherwise. Moreover, Zurich reminds you that this cannot be assumed to contain every acceptable safety and compliance procedure or that additional procedures might not be appropriate under the circumstances. The subject matter of this publication is not tied to any specific insurance product nor will adopting these policies and procedures ensure coverage under any insurance policy. Nothing herein should be construed as a solicitation, offer, advice, recommendation, or any other service with regard to any type of insurance product underwritten by individual member companies of Zurich in North America, including Zurich American Insurance Company, 1299 Zurich Way, Schaumburg, IL 60196. This whitepaper may not be distributed or reproduced either in whole, or in part on other communication channels, without prior written permission of Zurich North America, 1299 Zurich Way, Schaumburg, IL 60196. Neither Zurich Insurance Group Ltd nor any of its subsidiaries accept liability for any loss arising from the use or distribution of this whitepaper.