Outcomes
Summary
"Back from the Breach" – Cyber Resilience Special Roundtable Event 17th September 2024
In today’s digital landscape, where cyber threats are constantly evolving, strong crisis management frameworks are essential. The "Back from the Breach" event, hosted by LMF in collaboration with key industry partners, focused on the importance of cyber resilience and the steps organisations can take to better prepare for and manage cyber incidents. This roundtable event brought together professionals from across the industry to discuss strategies for bolstering defences against cyber threats.
We are especially grateful to our sponsor and valued LMF Corporate Member, NCC Group, for supporting this event and providing exemplary insight into the evolving cyber threat landscape.
The Importance of Preparation and Crisis Management
A key theme of the event was the necessity of proactive preparation for handling cyber incidents. In particular, there was a focus on the insurance sector, where organisations are increasingly aware that preparation and awareness are ongoing efforts. Engaging with key stakeholders well in advance of any crisis is vital, helping to ensure that everyone is aligned and prepared when an incident occurs. This approach facilitates smoother decision-making, especially when time is of the essence during a cyber crisis.
Real-World Lessons from Cyber Incidents
Throughout the event, there was an emphasis on real-world examples of cyber incidents and how they have been managed. The discussions covered practical insights on approaching crisis management from a cyber resilience framework, with key risks such as ransomware and supply chain vulnerabilities highlighted as significant concerns for many sectors, particularly in insurance.
Participants also explored the use of desktop exercises and simulations to help teams prepare for high-pressure scenarios. These exercises allow organisations to refine their crisis response strategies and better handle the smaller, less clear-cut incidents that can sometimes prove most challenging.
Interactive Roundtable Discussions
The roundtable format fostered an open exchange of ideas, with professionals from various roles—including underwriters, brokers, and CISOs—discussing their experiences in managing cyber crises. Key questions, such as "Are incident response plans in place?" and "What is the biggest cyber resilience challenge facing your clients?", sparked meaningful discussions about preparedness and response strategies.
One challenge that was frequently discussed was the reliability of data during a cyber incident. Organisations often face difficulties in making timely decisions due to either an overwhelming amount of data or too little actionable information. Developing systems to provide reliable, actionable insights during a crisis was identified as a critical need.
The Golden Hour: Critical Decision-Making
The event also explored the importance of the "golden hour"—the critical period immediately following the detection of a cyber incident. During this time, timely and informed decision-making is crucial in mitigating potential damage. The need for clear roles and responsibilities within the crisis management team was highlighted as essential to ensuring an effective response. Having the right people in place and ensuring smooth team dynamics were seen as key factors in successful crisis management.
The Friday Phenomenon: Why Cyber Incidents Often Surface at the End of the Week
An interesting insight from the discussions was the observation that cyber incidents are frequently discovered on Fridays, particularly after public holidays. While incidents may not happen more often on Fridays, they are often noticed then due to the potential for reduced preparedness towards the end of the working week. This phenomenon prompted attendees to reconsider their readiness strategies, especially for weekends and public holidays, when teams might be less alert.
The Value of External Support and Continuous Learning
Another prominent theme was the importance of external cybersecurity support. Many attendees noted the benefits of having external experts on retainer to assist with managing cyber incidents. External partners can provide additional expertise and resources, particularly when internal teams are stretched during a crisis.
The discussions also emphasised the value of learning from every incident. Reflecting on both large and small incidents is key to improving future responses and building long-term resilience.
Networking and Collaboration Opportunities
In addition to the formal discussions, the event offered valuable opportunities for networking. Attendees enjoyed a hot-cooked breakfast while exchanging ideas and building connections with peers across the industry. Events like these provide an important platform for collaboration and sharing best practices, which have become a hallmark of LMF gatherings.
Conclusion: Building Resilience Together
The "Back from the Breach" event served as a timely reminder of the importance of cyber resilience in today’s rapidly evolving threat landscape. The event highlighted the need for preparation, continuous learning, and collaboration in building organisations capable of withstanding increasingly sophisticated cyber threats.
As LMF continues to lead discussions within the insurance sector, future events will ensure that professionals stay connected, informed, and better equipped to navigate the challenges posed by the cyber world.