We are aware that many firms will be impacted by the recent cyber attack impacting CTS cloud-services. This attack could impact your ability to serve clients, and there could be data security risks, depending on the nature of the cyber attack.
Practical steps to take now:
- Inform your Professional Indemnity insurer via your broker and cyber insurance provider (if you have one) via their panel breach counsel regarding any breaches and potential claims exposure
- Consider your legal and regulatory reporting obligations – including the ICO. If you have the benefit of a cyber policy your panel breach counsel will be your first point of contact on this
- Activate your Business Continuity Plan in respect of a service provider outage
- Don’t forget post event learning: after the dust has settled, this is a good chance to assess how accurate your assessment of the impact of a third party event has been and how effectively your risk processes have worked.