White House Issues Ransomware Prevention Guidance to Businesses

In a recent letter addressed to corporate executives and business leaders, the White House emphasized that
bolstering the nation’s resilience against cyberattacks is a main priority for President Joe Biden’s administration.
Specifically, as ransomware attacks continue to rise in both cost and frequency throughout the country, the
federal government is urging businesses to take this evolving cyber threat seriously.

These attacks—which entail a cybercriminal deploying malicious software to compromise a business’s network or
sensitive data and demand a large payment be made before restoring this technology or information—have
quickly become a growing concern across industry lines. In fact, the latest research provides that ransomware
attacks have increased by nearly 150% in the past year alone, with the median ransom payment demand
totaling $178,000 and the average overall loss from such an attack exceeding $1 million.

While the White House has begun working with both domestic and international partners on various strategies to
prevent ransomware attacks, the Biden administration is also encouraging businesses to play their part in
minimizing this rising cyber concern. Rather than viewing ransomware attacks as a minor cyber risk, the federal
government is instructing businesses to view these attacks as a significant exposure—one with the potential to
wreak havoc on their key operations.

As such, the Biden administration is recommending that businesses convene with their senior leadership teams
to review their ransomware exposures and implement these top cybersecurity measures:


  • Utilize the federal government’s best practices. Businesses should be sure to incorporate the best
    practices outlined in the Biden administration’s Executive Order on Improving the Nation’s Cybersecurity. This
    includes the following practices:
    o Implementing multi-factor (MFT) authentication on all workplace technology
    o Leveraging endpoint detection and response tools to identify and deter suspicious network activity
    o Encrypting sensitive data to make it less accessible to cybercriminals
    o Developing a trusted and skilled workplace cybersecurity team
  • Ensure an effective incident response plan. All businesses should have cyber incident response plans in
    place. These plans outline proper response protocols and offer steps for minimizing potential damages during
    cyberattacks. Businesses should make sure to include several ransomware attack scenarios within their
    response plans and routinely test these scenarios with their cybersecurity teams. Based on test results,
    businesses should revise their response plans accordingly.
  • Conduct frequent data backups. In addition to the federal government’s best practices, businesses should
    also prioritize securely backing up all sensitive data, images and other important files on a regular basis.
    Conducting such backups can help businesses remain operational and continue to access crucial data in the
    event that any workplace technology is compromised in a ransomware attack. Data backups should remain
    offline (not connected to key business networks) and be routinely tested.
  • Keep critical networks separated. In order to keep ransomware attacks from fully disrupting their operations, businesses should attempt to segment their various workplace networks (e.g., sales production, and corporate) from one another rather than having a unified network. Access to each network should be restricted to those who use them to conduct their job tasks. Networks should only allow internet access as needed. That way, businesses can avoid becoming completely compromised by single-network ransomware attacks and continue performing critical functions.

  • Maintain updated security software. To help safeguard workplace technology from ransomware threats,
    businesses should equip their systems and devices with adequate security software—such as antivirus
    programs, firmware protections and firewalls. Further, this software must be regularly updated to remain
    effective. That being said, businesses should also consider utilizing centralized patch management systems to
    keep security software on a consistent update schedule.
  • Review workplace cyber security protocols. Apart from testing their response plans, businesses should
    also regularly assess whether their existing workplace cybersecurity policies, procedures and software are
    sufficient in protecting against current risks—such as ransomware threats. In particular, businesses should
    consider using a third-party penetration tester to review their ransomware defense tactics and overall
    cybersecurity capabilities. Businesses should work with their trusted cybersecurity teams and IT experts to
    make workplace adjustments as needed (e.g., updating policies or purchasing new security software).

For additional risk management guidance and insurance solutions email me James Buscarini, PCA at jbuscarini@libertateins.com or call me at 813.367.7574.

Week in Rewind <<

If you haven’t noticed our focus has been heavily weighted in the area of cyber risk! Too many of our friends and clients have been impacted lately by cyber thieves. Yes, we sell insurance, but we are passionate about the benefits of insurance. We are all about Mitigating Risk and Loss Exposure!

So How Does Cyber Insurance Actually Help?

What Does It Cover?

First thing to know here is, in most cases you can design a plan to cover your business’ specific needs. As a generalization Cyber Coverage includes the following:

  • Defense and Settlement – civil proceeding or investigation
  • Regulatory fines and penalties including forensic examination
  • Re-certification services
  • Cyber extortion
  • Ransomware
  • Website media
  • Business interruption
  • Data recovery
  • Crisis management and fraud response
    • notification to breach parties
    • call center operations
    • design and implementation of website for advising breach parties
    • credit monitoring
    • public relations
    • associated legal expenses

What It Does Not Typically Covered

  • Potential future lost profits
  • Loss of value due to theft of intellectual property
  • Improvement costs to internal systems after cyber evet
    • Your other policies may be “activated” in the event of a cyber incident, but there are likely gaps in coverage for what damages are actually covered. The industry term, “Silent Cyber” refers to cyber loss exposure not covered under traditional, non-cyber insurance policies; namely the exposure is silent.

IT Risk Management

In an effort to further educate our audience we are providing links to our previously published articles on creating a better infrastructure to avoid successful attempts.

The Wall Street Journal reported that Colonial Pipeline authorized ransom payment of $4.4 million as a result of the company not being able to quantify the magnitude of the cyberattack breach to their system and the length of time to get things up and running again. Feet held to the fire for resolve and the decryption tool provided for ransom payment did not bring full restore back to Colonial. We can all feel the impact of the Colonial hack.

CNN reports that the Justice Department indicated that 2020 was the worst year for cyber attacks with ransomware demands, on average, exceeding $100,000 but as high as tens of millions of dollars. “….A key lesson here is that while technology and automation is good, we must also have the ability to efficiently operate manually as well. Attacks will happen, but how quick can you recover and restore critical services?”, Brian Harrel, former assistant secretary for infrastructure protection at the Department of Homeland Security, as reported by CNN. Having the support of insurance coverage through a Cyber policy is definitely one way to mitigate recovery exposure, should you fall victim.

NAPEO has pre-recorded webinars and information available on Cybersecurity. For non-members, follow this link to join.

Libertate Insurance Services has access to a variety of programs for Cyber Risk Coverage. Contact us, let us help you identify your Company’s Cyber Risk and find the best placement for your needs.

5 Ways Cyber Business Interruptions Differ from Traditional Interruptions


Content taken from Andrew G. Simpson’s May 2021 article in the Insurance Journal and is a reformatted post

While a typical business interruption can often be a confusing insurance situation, the picture gets even muddier when it involves cyber coverage.

According to Chris Mortifoglio, who is a Certified Public Accountant and a Certified Fraud Examiner (CFE), understanding the “nuances and differences” of a cyber insurance business interruption exposure or claim compared to a traditional one is more important now than ever.

“I will tell you that in my experience business interruption is often the most misunderstood part of property coverage. Part of that has to do with the fact that it can be very subjective. If you have 10 accounts looking at the same set of financial data, you’ll oftentimes receive 10 different calculations or estimates of what a business interruption loss might be,” said Mortifoglio, who has been dealing with business interruption exposure assessments and claims for more than a decade as the director of forensic accounting at Procor Solutions and Consulting in New York.

A cyber business interruption risk can be difficult to estimate and manage. To further the understanding of cyber BI, Mortifoglio identified five areas where cyber BI differs from traditional BI: period of measurement; period of restoration; personnel involved; geographic constraints, and reputational risk.

1. PERIOD OF MEASUREMENT

The differences between traditional and cyber business interruption begin with the period of measurement or evaluation of lost business income, a period that typically runs shorter for cyber. The timing of a cyber incident can have a major effect on the amount of a potential loss. “Traditionally, when you have a property loss, you’re usually valuing the disruption for a period of weeks or months or years as it takes time to physically repair the property damage that was occurring,” he said. In a cyber incident, the loss may last for just a few hours or a few days. This much shorter time period requires detailed or as Mortifoglio refers to it “granular” on the impact and the disruption on a company. “This means that in order to properly evaluate cyber business interruption, you need much more granular levels of data, maybe even hourly revenue data, or certainly daily sales data, as opposed to a traditional business structure loss where, in some cases, monthly profit and loss statements are enough to evaluate the impacts of the loss,” he said. The granular data is particularly important, for example, when the business operates 24 hours a day, 7 days a week making online sales. “There may be much more greater impacts, and there may be more of a need to really drill down into the disruptions that happen at different times of the day. What happened at midnight versus what happened at 8:00 am?” he explained. When comparing traditional versus cyber BI coverage, the waiting periods following an event before coverage begins are usually different as well. The waiting period for a cyber policy is often denoted in hours, whereas a traditional policy is typically for at least a few days, although it may be written as 48 hours or 72 hours, as opposed to perhaps a 12 hour waiting period for a cyber business interruption loss.

2. PERIOD OF RESTORATION

Another difference is the period of restoration. Defining the period of restoration is very important because that drives the ultimate value of a cyber business interruption loss. The period of restoration is defined as starting on the date of loss, which is the date of physical damage, and ending on the date “when the repairs should have been completed if the insured had utilized due diligence and dispatch.” That period of time is the period of time that an insurance policy will provide coverage for any loss of business income. But determining when this period starts or ends is not always easy. “When it comes to property losses, there’s usually a very clearly defined start to that business interruption period, known as the date of loss. We can define very easily what that period of indemnity is and what a potential extended period of indemnity is because it all depends on the physical damage,” he said. If a fire, earthquake or hurricane impacts an organization, it’s not hard to define when that physical damage occurred. That is the starting point for the period of restoration. However, when it comes to cyber, “there is much less certainty, not only to when a cyber event has started, but also when a cyber event ended” including when the system was repaired and there no longer is a breach. These dates are critical to figuring out the period of time that’s going to be evaluated for a cyber business interruption loss. Mortifoglio recited some questions that come up when evaluating cyber business interruption: “When did the loss start? How do we know that it started at this point in time? Was there a full disruption for an organization or just partial. For example, was it a specific system that was impacted, an email system or an accounting system that went down? And then when did this loss end?”

3. PERSONNEL INVOLVED

So in addition to requiring more and different types of data, and presenting complexities around the period of restoration, cyber business interruption also typically calls for more personnel to become involved from an organization. Mortifoglio cited a need for personnel from the risk manager and legal counsel to financial, technology and operations officers as well as others to contribute to the assessment. First and foremost is the risk manager, the “quarterback of the insurance recovery process” who is helping to manage the actual claims process once something happens, not to mention being the purchaser of the insurance on the front end. After a loss has happened, somebody from the accounting or finance department — perhaps the CFO or the controller—should be called upon to provide the financial data required to quantify any business interruption loss. In addition, it’s important to have someone from operations to assure that the full impacts of the loss are being documented and also connected to the actual financial calculation. And there’s more. “You now have to bring in more folks from your organization to help really provide the picture in the story of what happened and help to properly and accurately quantify cyber business interruption,” Mortifoglio added. This means calling in folks from the IT team to help to identify the status of the cyber incident and define the period of indemnity and the period of restoration. “That’s going to help narrow down the exact period of time that we need to evaluate from a financial perspective to quantify the loss,” he said. Also, the chief systems or technology officer may be needed to oversee data privacy and records issues that may come up in a cyber incident. The legal department may also deal with privacy issues, general legal ramifications and coverage issues, as well as interface with outside counsel brought in to help deal with a cyber breach. “The addition to these extra personnel can add to the complexity of the process,” the Procor executive said.

4. GEOGRAPHIC CONSTRAINTS

Whereas a traditional business interruption claim may be geographically constrained, the same is not always true for cyber exposure. In a traditional scenario, the property damage is contained to either a single location or region that has been hit by a widespread catastrophe. “Think of a hurricane that hit the state of Florida, and if you’re an organization that has multiple locations there, you may have multiple instances of damage. You may have multiple locations that are being impacted,” he noted. When it comes to a cyber loss, these geographic constraints do not exist and an entire organization could be impacted around the globe at the same time. “If you are an organization with a global presence and you have systems that are connecting all of your physical locations around the globe, then a cyber incident may impact you around the globe without any sort of restraints as far as geographic regions. With traditional business interruption, organizations can mitigate their risk by spreading out their operations geographically to avoid a catastrophe, really hampering the entire organization. When it comes to a cyber loss, those types of geographic constraints no longer apply,” he said. For risk mitigation purposes, Mortifoglio stressed the importance of understanding that if a global organization is running systems used by the entire workforce, all operations around the globe can be impacted immediately. “It can make it more complex because you can’t just look at a single isolated location. You have to look at the interconnectivity of your systems to see if something were to happen to them, what would the operational impacts be on your organization? And that’s what’s going to help you evaluate the potential cyber business interruption,” he said. In short, there are no geographic constraints with cyber business interruption and therefore it is harder to mitigate.

5. REPUTATIONAL RISK

Finally, cyber BI carries with it a reputational risk that traditional property business interruption does not. When there is a traditional BI loss such as a fire at a factory, customers and the general public usually do not to have any sort of reaction. Most of the time, the general public is not even aware of the fire and here is no effect on the company’s reputation. However, if a company is hacked and customer records are stolen, Mortifoglio said this can result in a “breach of trust in the public’s eye” and the reputation of an organization can be significantly harmed, often resulting in extended financial losses. In the case of a data breach, even though the system has been repaired and the breach fixed quickly, customers may be hesitant to return to do business with the organization “until they have absolute confidence that it won’t happen again. It’s hard to determine how long that might go on.” However, the forensic specialist noted, cyber business interruption policies are building in coverage to help recover any losses tied to the transitional risks, in a way that is similar to the extended period of indemnity coverage in traditional property policies. “The thought is that once a cyber incident is repaired and a breach is fixed, there may be lingering impacts due to some reputational risk” and there should be coverage there to help capture those losses, Mortifoglio said.

“The notion of implied meaning is the root of misunderstanding.”

— Eric Parslow

PEO Compass brings insight to your PEO related business through real-time reporting, application of innovative technologies, and expert opinions on the industry’s most turbulent topics.  Learn about the latest trends in healthcare, risk management, workers’ compensation, and many other topics that affect the PEO community. To register and start receiving breaking industry news, legislative updates, small business, risk management, safety, property casualty, and all things relevant to the industry of professional employment organizations (PEO) click on the link below to register for free.


The Risk with Search Engines

It’s no secret that your technology company depends on the capabilities of your computer systems to function. You should be aware that simple actions your employees take could be putting your company’s equipment and networks at risk of cyber-crime, including cyber-attacks, cyber theft and other computer security incidents. The average cost of a single cyber-attack is incalculable—cyber-attacks can directly target finances and ruin a business’ reputation. Your business is at stake, and you should do everything you can to protect yourself.


The Risks of Web Searches

As an employer, you should educate your employees about searching for certain topics on the internet due to the risk of coming across websites encrypted with viruses or malware that could be detrimental to your computer systems. Stress that the potential for cybercrime could affect employees individually as well as the business as a whole. More than 90 percent of companies surveyed by the DOJ incurred either monetary loss, system downtime loss or both because of cybercrime, so take it upon yourself to put search engine guidelines in place.


The Web’s Most Dangerous Search Terms

Common term searches conducted online one can expose your business to the risk of cyber-crime. Encourage employees to avoid following suspicious results in search engines. Any result that promises free products or materials is suspect. The least risky search terms are usually health-related topics and searches about economic news. It is essential to remember that the number of dangerous search terms is ever changing. Hackers want to impact

the highest amount of people with the least amount of effort, so they aim for popular search terms most. Ill-intentioned hackers also adapt quickly to the fast-paced nature of the internet and the public circle, so oftentimes social or celebrity events popular at a given moment climb quickly to the top of the internet’s most dangerous search terms and are a high risk for infecting your company’s computers. According to the DOJ, industries considered a part of critical infrastructure businesses account for a


Simple actions your employees take could put your company’s equipment and networks at risk of cyber-crime, including cyber-attack, cyber theft and other computer security incidents.


disproportionate amount of computer security incidents. If your company is in any of these industries, be especially careful about internet searches to ensure computer safety and protect against potentially devastating loss, both monetary and in down time:

  • Agriculture
  • Chemical and drug manufacturing
  • Computer system design
  • Finance
  • Health care
  • Internet service providers
  • Petroleum mining and manufacturing
  • Publications/broadcasting
  • Real estate
  • Telecommunications
  • Transportation and pipelines

Take Precautions to Protect Your Business


There are examples of companies and organizations around the globe that had to shut down operations to address a large-scale virus or other malware issue. These problems can affect both large and small businesses and can cost hundreds of thousands of dollars to fix. Avoid putting yourself at risk by doing the following:

  • Enact a stricter internet use policy
  • Put more strict website blockers or filters in place
  • Educate employees about the hazards that risky search engine exploration can present

Some of these solutions may cost you in the short run but lowering your risk will ultimately save your company in potential identity fraud, monetary cyber theft or informational cyber theft in the future.

Cyber Attack Nightmares Continue

While most of us were celebrating Mother’s Day on Sunday, Colonial Pipeline was attempting to assess the damage related to a cyber-attack last week. Colonial Pipeline accounts for 45% of the East Coast’s fuel (diesel and petroleum). Colonial has had to take 4 of their main pipelines offline; they are operating off of smaller lines and delivery points. Impacts from New Jersey down through Texas are expected. As a response to the cyber-attack and limitation of the company’s resources the US government issued emergency legislation to lighten the regulation on fuel transportation. Extended shutdowns are “fueling” fears over pump prices.

The 5 Key anticipated cybersecurity risks in 2021 were reported as Endpoint threats (servers, VPNs and cloud based software services), Remote workforce exposures (weakened network security of remote devices), Cloud Security (business-critical data on cloud platforms), and Shortage of security professionals or services (availability and affordability). You can check out the full article here of expected cyber threat trends for 2021.

Newer threats emerging are “multi-stage attacks like ransomware or “low and slow hacks”. Ransomware attacks gain exposure through stolen credentials and are designed with the goal of systems and data infiltration. While mutli-factor authentication (MFA) is an important security feature to mitigate ransomware attacks, it is reported that 78% of Microsoft 365 admin users don’t activate MFA.

Colonial Pipeline’s hack is reported to be a ransomware attack, ” Sources said the ransomware attack was likely to have been caused by a cyber-criminal gang called DarkSide, who infiltrated Colonial’s network and locked the data on some computers and servers, demanding a ransom on Friday.

The gang tried to take almost 100 gigabytes of data hostage, threatening to leak it onto the internet, but the FBI and other government agencies worked with private companies to respond. The cloud computing system the hackers used to collect the stolen data was taken offline on Saturday, Reuters reported.

Colonial’s data did not appear to have been transferred from that system anywhere else, potentially limiting the hackers’ leverage to extort or further embarrass the company, the news agency said.” You can read the full Colonial Pipeline article issued by BBC News here.

Mitigate Your Cyber Security Risks

1 – Identify and document asset vulnerabilities; What data are you storing?

2 – Identify and document internal and external threats; disgruntled employees, Dark Web techniques

3 – Assess your vulnerabilities; software security up to date and in place

4 – Identify potential business impacts; financial, operational, etc

5 – Identify and prioritize your risk responses; Response plan, best practices, documentation of procedures

Check out our previous articles on Cyber Risk at PEO Compass search Cyber. Libertate Insurance Services has Cyber Programs available to mitigate the loss.

Challenges or opportunities for brokers placing cyber risk

Content used to write this post was originally written by NU Property Casualty 360’s Managing Editor, Ms. Heather A. Turner

According to a Guidewire report the numbers for cybercrime in 2020, have almost doubled! In addition to an increase in attacks and breaches are the related budgetary allocations being made by small to mid-sized businesses for cyber insurance over the next 2 years. Ramping up cyber sturdy tools and in an effort to prevent cyber attacks are a necessary play in prevention for the ever evolving cyber market and being fought across the property and casualty landscape.


According to a report published by CyberCube, a data-driven cyber analytics company for the insurance industry, the growing cyber market is creating unique opportunities for brokers to set themselves apart from their competitors. By marrying their existing areas of expertise with their new found and or improved fundamental comprehension of insurable cyber risk and exposure, brokers can show and or remind buyers and prospects alike why they are indispensable.

The following list was created by CyberCube to further explore examples of challenges and opportunities brokers face in the cyber market today.

Click here to read the detail following Opportunities 1-4 written by Heather A. Turner, of NU Property Casualty 360. You must register for free account.

  • Opportunity No. 1: Brokers are trusted advisors
  • Opportunity No. 2: Brokers can add value by mapping exposure to coverages and policy terms.
  • Opportunity No. 3: Getting a “yes” from insurers.
  • Opportunity No.4: Standalone cyber is just one aspect of a well rounded insurance program.

Disruption in the Marketplace

This post utilized content from Property Casualty 360’s Heather Turner & PRNewswire.

On January 4th, 2021 PRNewswire announced Philadelphia Insurance Companies (PHLY) acquisition of the Staffing Insurance Business offered by Worldwide Specialty Programs, Inc. The transaction closed on December 31, 2020 complimenting PHLY’s broad suite of specialty services. PHLY markets and underwrites commercial property/casualty & professional liability insurance products. PHLY has an “A++” (Superior) rating by AM Best Company.

We anticipated the post-acquisition news being focused on PHLY’s delivery of industry-specific services to the temporary staffing space. Similarly, we are committed to a different industry niche, the Professional Employer Organization (PEO). We remain hopeful that PHLY will continue to support PEO, just as World-Wide has done for many years.

Entering the 2nd Quarter of 2021, uncertainty has become part of our new normal. In a recent article, Property Casualty 360 discussed fluctuation within the marketplace (4th Quarter 2020 – 1st Quarter 2021). Pre-COVID validated the firming of the marketplace. The initial impact increased underwriting scrutiny, rate increases, higher retentions, jurisdictional scrutiny and capacity reduction. As a result of COVID-19 related case uncertainty, higher than normal judgements, and developing CAT losses, there has been a continual hardening of the market. We expect rate increases, lowering capacity, limiting or transferring risk, and insurers scrutinization of risk profiles.

In conclusion, industry and marketplace changes or shifts have always been and will continue to be.  As the industry constricts, options, terms and conditions tend to constrict with it.  Your upcoming casualty lines renewal may look different, and we highly recommend staying out in front of it.

With that being said, contact Libertate Insurance Services for all your PEO-related insurance needs by emailing us here.

Data Breach Response Plan

Our business associates at Regions Bank have put together a great article on creating a Data Breach Response Plan. Q1 2019 to Q1 2020 reported a 273% increase in data breach exposing 8.4 billion records, from insurance providers to credit bureaus, 2021 is expected to report higher threats. In the last couple of weeks there has been a lot of noise surrounding cyber security, which brings to light what the projections or expectations for this upcoming year are. IBM identified that it takes companies an average of 280 days to identify and contain a breach/cyber security occurrence.

So What is a Data Breach Response Plan? In short, it is a roadmap for your company to follow should a breach occur. Similar to an Emergency Response Plan but for your data and IT platform. Top points from Regions’ article:

  • Build a Response Team; from Executive level through HR down to customer support and external vendors
  • Include and detail specifics for the following in your plan:
    • Identify breach; triggering events
    • Contain the breach
    • Notify Data Breach Team and initiate plan
    • Investigate
    • Notify internal and external relations of breach; as required by law
    • Safeguard data
    • Conclusion and review meeting; team meets to analyze breach and make adjustments to the existing plan

My personal add on this is to research and obtain a cyber security insurance policy, mitigate your cyber risk. Cyber insurance protects against damages caused by electronic threats to your computer systems or data. Cyber threats can lead to the theft, damage or misuse of sensitive information or other vital technologies and can result in downtime and recovery costs that often include specialized repairs and legal fees

Forbes’ article “The Best Cybersecurity Predictions for 2021 Roundup” gives us some insight as to what we can expect. Here are some of the highlights, click on the article link above for the full article.

  • 2020 reported cyberattacks on healthcare facilities in the U.S. affecting 17.3 million people in 436 breaches tracked by the U.S. Department of Health and Human Services (HHS) Breach portal.
  • Amid an expectation of decline to revenues in 2021, 51% of executives plan to increase cybersecurity budgets

Govtech.com has also chimed in on where we need to protect ourselves for 2021 and what is expected to be at greatest risk; high points listed below, click link above for full article (interesting and informative read):

  • Increase attacks expected on home computers and networks; scary seeing as though many of us are still working remotely
  • Dark web expected to allow criminals access to purchase more sensitive corporate information
  • App stores through mobile devices and smartphones are expected to be attacked
  • Cloud base push for storage will likely create gaps in security
  • Application Programming Interfaces (API) threat models are high targets for enterprise breaches

Here at Libertate Insurance, data is a viable part of what allows us to do what we do for our clients. We hold data security at a high level of importance to our brand. We also know that the best reaction is a planned reaction. Putting a plan in place to protect your organization and your clients is important. We offer programs for cyber security that can further protect you, should you fall victim to the latest trends in the world of scams. Please contact us to review program details and understand the benefits of obtaining a cyber security policy.