Issue 129 – November 2022
New Cyber Security ResourcesBy Senior Risk Manager Alex Mellor and Insurance Programs Manager Jim Thyden
The 2022-23 Cyber Liability Program renewal was challenging for many reasons. The frequency and severity of cyber incidents affecting local government agencies is a worrying and upward trend. Additionally, the public sector lags behind other industries in its cybersecurity proficiencies. Both circumstances have led to the reduced willingness of insurers to write cyber liability coverage.
Ultimately, the Authority obtained pool-wide coverage for 2022-23 through two insurers – Great American Insurance Company (GAIC) and Tokio Marine Houston Casualty Company.
All members have access to GAIC’s Eagle Eye cyber risk management platform. This platform includes the following three resources:
- Employee Insights. A shareable checklist to help employees remember and avoid the most common security errors.
- Security Scorecard. An instant scan of how hackers, vendors, and the public see your website from the outside. Note: Security Scorecard is a third-party service that requires members to create an account to access it.
- Security Roadmap. A multi-session questionnaire that compares member cybersecurity practices to the National Institute of Standards and Technology (NIST) Cybersecurity Framework. Upon completing the questionnaire, Security Roadmap provides recommendations for improvement and allows members to track progress.
To access these resources, complete the following steps:
- Open a web browser and navigate to the Eagle Eye website.
- Click “Create An Account” in the top right corner.
- Complete the policyholder registration form. (Note: You will need to request the policy number and zip code from your regional risk manager.)
- Click “Register” and follow the instructions to access Eagle Eye.
Members are strongly encouraged to take advantage of these resources as tools to improve cybersecurity practices and to increase the likelihood that the Authority will be able to obtain pool-wide cyber liability coverage in the future.
If your agency does experience a cyber incident, you should immediately call the GAIC crisis hotline at (877) 209-2009 or send them an email. GAIC will assign an incident coach – at no cost to members – to guide you through responding to the cyber incident. If additional services (i.e., forensic, restoration services) are necessary to respond to the incident, those are the responsibility of each member up to the applicable deductible.
Please contact your regional risk manager if you have any questions or would like additional information.< Back to Full Issue Print Article