The unpredictable nature of a crisis means any organization could suddenly find itself in a dangerous or unstable situation.
Many businesses will have defined action plans in place to respond to perils such as fire, storms, evacuation or medical emergency, as well as business continuity plans to activate should their building, systems or software become unusable. However, few organizations have strategic crisis management plans in place, and fewer still may have a crisis insurance and risk management program.
Which threats should you insure?
Coverage for most crisis events is generally not covered on a standard business insurance policy. Therefore, you would need to decide which of the numerous and unpredictable threats or scenarios to protect your business. So, how do you assess your organization's risk and make the appropriate choices?
Typically business owners would have to purchase individual coverage for specific perils such as terrorism, civil unrest or violent attack. In addition, there are 'unseen' threats such as extortion or blackmail, or perhaps a crisis related to your business activities like product tampering. An event can seemingly come out of nowhere, so is it possible for an organization to be prepared for anything?
'Non-damage' business interruption
Even if your business is not the direct target of a physical attack or damage, you may suffer the impact of business interruption and denial of access to your premises if you are in close proximity to a security incident. The site of a shooting, for example, can be shut down for between 8-72 hours[i] depending on its severity – potentially presenting serious operating challenges for your business if you are situated nearby.
In New York City alone, there has been a 95.4% increase in shooting incidents since 2019[ii], and increased unrest in recent months, including gun violence and property damage. Insured losses from riots in the U.S. in 2020 total more than $1 billion[iii], making it the most costly civil disorder in U.S. history. Countless businesses suffered operational disruption, and some are no doubt still processing the damage.
Taking control of recovery
In times of crisis, people look toward their organization's leadership to restore a sense of control. Business owners should have a clear and comprehensive crisis management plan to share with their people. While education is key to equipping people before and during a security incident, it will be after the event where your stakeholders will test your leadership and your recovery plan.
Recovering from a crisis event can involve managing long-lasting trauma, especially for those most affected by an incident. Issues of re-triggering events, PTSD symptoms and survivor guilt can persist long after the initial crisis response, and a long-term support model should extend for at least twelve months. Depending on the type and severity of the experienced event, this may focus on a return to work, mental health support (e.g., trauma counseling) for employees, and anticipation of litigation/legislative actions.
To help organizations prepare for, respond to and recover from a security incident, we have developed in an industry-first insurance product called Gallagher Crisis Protect. This is a unique crisis management solution that removes the challenge of trying to plan and mitigate for a wide variety of changeable security threats by including protection against 20 perils within one policy and one annual fee.
The varied range of risks detailed in the policy – including Assault, Terrorism, Civil Commotion, Kidnap, Sabotage and Extortion – means that business owners can be confident they have cover in place for almost any eventuality.
Crisis Consulting support
Gallagher Crisis Protect includes a comprehensive crisis consultancy package that helps business owners plan how to mitigate risk, offers support during an incident, and continues to provide help following the incident. The service includes 24/7 telephone access to some of the world’s leading crisis consultants, helping you build resilience and address your duty of care.
For more information contact Charles Pippert.