Aniket Bhardwaj

Now, beyond the money aspect, what people often miss is that it's not just about the payout. It's about readiness. And from our perspective, the best carriers and brokers work with clients to run simulations or improve their IT and security controls and really reduce the risk before anything happens. So yes, from my perspective, you absolutely need it.

Now, beyond the money aspect, what people often miss is that it's not just about the payout. It's about readiness. And from our perspective, the best carriers and brokers work with clients to run simulations or improve their IT and security controls and really reduce the risk before anything happens. So yes, from my perspective, you absolutely need it.

not because it replaces cybersecurity, but because it really reinforces that. So just like you wouldn't drive without car insurance, you shouldn't run a digital business without cyber coverage.

not because it replaces cybersecurity, but because it really reinforces that. So just like you wouldn't drive without car insurance, you shouldn't run a digital business without cyber coverage.

So incident response trends, definitely a growing economy at scale with respect to multiple incidents that are really being impacted. So from our perspective, the key trends that we really observe are really in the space of geopolitical activity. As I briefly mentioned, the whole cyber espionage efforts or state actors,

So incident response trends, definitely a growing economy at scale with respect to multiple incidents that are really being impacted. So from our perspective, the key trends that we really observe are really in the space of geopolitical activity. As I briefly mentioned, the whole cyber espionage efforts or state actors,

continuously targeting the overall organizations across the globe, which continues to be the key element when we are seeing different threat actors operating. We are also seeing a noticeable shift in both the frequency and really the complexity of incidents. So again, it's no longer just about

continuously targeting the overall organizations across the globe, which continues to be the key element when we are seeing different threat actors operating. We are also seeing a noticeable shift in both the frequency and really the complexity of incidents. So again, it's no longer just about

ransomware, you are really talking about multi-pronged attacks that blend extortion, data theft, and supply chain compromise all in one hit. So, tradactors are really more calculated. They're spending weeks inside networks and learning about different business models, or let's say, understanding vendor relationships, and then really striking with different surgical procedure, for instance.

ransomware, you are really talking about multi-pronged attacks that blend extortion, data theft, and supply chain compromise all in one hit. So, tradactors are really more calculated. They're spending weeks inside networks and learning about different business models, or let's say, understanding vendor relationships, and then really striking with different surgical procedure, for instance.

One major trend maybe I should talk about is the rise in targeted extortion without encryption in ransomware events. So in these cases, threat actors slightly exfiltrate sensitive data and skip the whole encryption phase. So no splashy ransom notes, not that it happens a lot, but still just a quiet threat to publish unless paid.

One major trend maybe I should talk about is the rise in targeted extortion without encryption in ransomware events. So in these cases, threat actors slightly exfiltrate sensitive data and skip the whole encryption phase. So no splashy ransom notes, not that it happens a lot, but still just a quiet threat to publish unless paid.

And that really changes how executives think about visibility and response because It's not about recovering systems anymore. It's really about the brand, the trust, and the overall legal exposure. The other trend maybe I should also cover is around the legal and regulatory stakes. They are again getting higher and higher.

And that really changes how executives think about visibility and response because It's not about recovering systems anymore. It's really about the brand, the trust, and the overall legal exposure. The other trend maybe I should also cover is around the legal and regulatory stakes. They are again getting higher and higher.

So every response is now a coordinated play involving outside counsel, insurance, privacy regulators, and really the law enforcement agencies. Their involvement is key to the whole response process. But ultimately the timelines are shrinking and at the same time, expectations are growing. And one more I should maybe highlight is the overall identity, which is again, becoming the new perimeter.

So every response is now a coordinated play involving outside counsel, insurance, privacy regulators, and really the law enforcement agencies. Their involvement is key to the whole response process. But ultimately the timelines are shrinking and at the same time, expectations are growing. And one more I should maybe highlight is the overall identity, which is again, becoming the new perimeter.

So we are seeing compromise after compromise that starts with meek multi-factor authentication or sale administrative accounts or overprivileged service accounts or identities. So again, it's not flashy, but that's where the real risk lives. So we used to really think of incident response as a fire drill.

So we are seeing compromise after compromise that starts with meek multi-factor authentication or sale administrative accounts or overprivileged service accounts or identities. So again, it's not flashy, but that's where the real risk lives. So we used to really think of incident response as a fire drill.

Now it's more like crisis leadership and companies that do well, they're the ones who already rehearsed the play. And maybe I'll just say this in the end, the most prepared clients are rarely the ones calling us for the first time.

Now it's more like crisis leadership and companies that do well, they're the ones who already rehearsed the play. And maybe I'll just say this in the end, the most prepared clients are rarely the ones calling us for the first time.