AXIS Cyber
Healthcare Case Study
THE CUSTOMER
A large healthcare provider employing >5,000 staff, processing sensitive personal data across multiple sites.
THE INCIDENT
With the healthcare sector becoming an increasingly attractive target for cyber criminals, this customer suffered a potentially crippling ransomware attack with a ransom payment demanded to regain the customer’s systems and data. The attack resulted in the customer’s systems being rendered inoperable, causing the business to close for several weeks and incurring significant income loss and cashflow pressures.
AXIS RESPONSE
Immediately after the customer alerted AXIS about the incident, the Incident Commander assembled the appropriate panel of cyber experts, including:
- Privacy counsel, to offer guidance concerning legal obligations and to explore options for stemming the cashflow pressures
- Forensic investigators, to identify the source of the attack, remove the ransomware and make the environment safe. With the experts ready, the Incident Commander convened the initial scoping call with the customer to implement a response plan
THE OUTCOME
The incident response team worked around the clock in conjunction with the customer’s management team to resolve the attack. The forensic investigators ensured the business was able to reopen by:
- Identifying the root cause of the intrusion and closing the original entry point
- Removing the ransomware
- Restoring the customer’s data from their unaffected back-ups. AXIS also provided an interim payment to the firm to assist with their cashflow risk
"Every day, we help businesses navigate the cyber threat landscape. However, when the worst happens and they experience a cyber incident, it’s our specialist cyber claims team that guides them through the recovery process."
Duncan Pease Head of Cyber Claims, International
KEY CYBER COVERAGES TO CONSIDER
- Forensic and legal expense
- Data recovery expense
- Ransomware and extortion loss
RESPONSIVE CLAIMS SERVICE
Immediate guidance is on hand to help customers navigate a cyber incident. The team works alongside existing vendors and expert providers (Legal Counsel, Digital Forensics/Incident Response, Crisis/PR), providing a seamless process, making a difficult situation easier to handle.
Claims examples may be based on actual cases, composites of actual cases or hypothetical claim scenarios and are provided for illustrative purposes only. Facts have been changed to protect the confidentiality of the parties. Whether or to what extent a particular loss is covered depends on the facts and circumstances of the loss, the terms and conditions of the policy as issued and applicable law.
This material is provided for informational purposes only and is not an offer to sell, or a solicitation to buy, any particular insurance product or service for a particular insured. It is intended for licensed insurance professionals. The services and service provider discussed in this document are suggested as risk mitigation and incident response resources. Use of AXIS Incident Commander does not constitute advice of any kind, and use of any service provider does not guarantee the performance or quality of the services provided, including the avoidance of loss, the fulfilment of any obligations under any contract or compliance with any law, rule or regulation. AXIS is not responsible for the effectiveness of a cyber risk management program and encourages each policyholder, together with advice from their professional insurance advisor, to perform its own independent evaluation of any service provider as part of its overall risk management strategy.
