This is an automated archive.
The original was posted on /r/sysadmin by /u/Shujolnyc on 2024-01-19 13:33:43+00:00.
TL;DR: have you used your company's cyber coverage? How did it go?
We’re diving into our cyber coverage and leadership and even my boss are slowly irking into what is surely an ill-advised stance - “when” something happens, not “if”, our cyber insurer will step in and take over. It’s their responsibility to lead the recovery efforts, negotiations, and to tell us what to do, etc.; it’s risk transference. We don’t need to spend more on tools and people for prevention.
I am frugal given our industry and I know we can’t do everything perfectly.
Where we end up will be a risk management exercise and I’m happy to even be having these conversations. I will get things in writing and I am an avid believer in the Amazon principles of having a backbone and disagree and commit.
My questions for all of you are (whichever you can answer):
Have you engaged a cyber provider ever? If so, how did it go? What resources did they pull in? Did they take ownership? How involved was IT or Cyber? Were there disagreements between leadership and the provider on response? How did that go?