Protecting your organization against the fallout of a security incident
Author: Charles Pippert

null

The unpredictable nature of a crisis means any organization could suddenly find itself in a dangerous or unstable situation.

Many businesses will have defined action plans in place to respond to perils such as fire, storms, evacuation or medical emergency, as well as business continuity plans to activate should their building, systems or software become unusable. However, few organizations have strategic crisis management plans in place, and fewer still may have a crisis insurance and risk management program.

Which threats should you insure?

Coverage for most crisis events is generally not covered on a standard business insurance policy. Therefore, you would need to decide which of the numerous and unpredictable threats or scenarios to protect your business. So, how do you assess your organization's risk and make the appropriate choices?

Typically business owners would have to purchase individual coverage for specific perils such as terrorism, civil unrest or violent attack. In addition, there are 'unseen' threats such as extortion or blackmail, or perhaps a crisis related to your business activities like product tampering. An event can seemingly come out of nowhere, so is it possible for an organization to be prepared for anything?

'Non-damage' business interruption

Even if your business is not the direct target of a physical attack or damage, you may suffer the impact of business interruption and denial of access to your premises if you are in close proximity to a security incident. The site of a shooting, for example, can be shut down for between 8-72 hours[i] depending on its severity – potentially presenting serious operating challenges for your business if you are situated nearby.

In New York City alone, there has been a 95.4% increase in shooting incidents since 2019[ii], and increased unrest in recent months, including gun violence and property damage. Insured losses from riots in the U.S. in 2020 total more than $1 billion[iii], making it the most costly civil disorder in U.S. history. Countless businesses suffered operational disruption, and some are no doubt still processing the damage.

Taking control of recovery

In times of crisis, people look toward their organization's leadership to restore a sense of control. Business owners should have a clear and comprehensive crisis management plan to share with their people. While education is key to equipping people before and during a security incident, it will be after the event where your stakeholders will test your leadership and your recovery plan.

Recovering from a crisis event can involve managing long-lasting trauma, especially for those most affected by an incident. Issues of re-triggering events, PTSD symptoms and survivor guilt can persist long after the initial crisis response, and a long-term support model should extend for at least twelve months. Depending on the type and severity of the experienced event, this may focus on a return to work, mental health support (e.g., trauma counseling) for employees, and anticipation of litigation/legislative actions.

To help organizations prepare for, respond to and recover from a security incident, we have developed in an industry-first insurance product called Gallagher Crisis Protect. This is a unique crisis management solution that removes the challenge of trying to plan and mitigate for a wide variety of changeable security threats by including protection against 20 perils within one policy and one annual fee.

The varied range of risks detailed in the policy – including Assault, Terrorism, Civil Commotion, Kidnap, Sabotage and Extortion – means that business owners can be confident they have cover in place for almost any eventuality.

Crisis Consulting support

Gallagher Crisis Protect includes a comprehensive crisis consultancy package that helps business owners plan how to mitigate risk, offers support during an incident, and continues to provide help following the incident. The service includes 24/7 telephone access to some of the world’s leading crisis consultants, helping you build resilience and address your duty of care.

For more information contact Charles Pippert.

Author Information:

Disclaimer

The information contained herein is offered as insurance Industry guidance and provided as an overview of current market risks and available coverages and is intended for discussion purposes only. This publication is not intended to offer legal advice or client-specific risk management advice. Any description of insurance coverages is not meant to interpret specific coverages that your company may already have in place or that may be generally available. General insurance descriptions contained herein do not include complete Insurance policy definitions, terms, and/or conditions, and should not be relied on for coverage interpretation. Actual insurance policies must always be consulted for full coverage details and analysis.

Insurance brokerage and related services to be provided by Arthur J. Gallagher Risk Management Services, Inc. (License No. 0D69293) and/or its affiliate Arthur J. Gallagher & Co. Insurance Brokers of California, Inc. (License No. 0726293).

Sources

1Stats from R3 Continuum (R3 c).

2www1.nyc.gov/site/nypd/stats/crime-statistics/citywide-crime-stats.page

3https://www.iii.org/article/civil-disorders-and-insurance