Travelers Cyber Risk Video Series

(DESCRIPTION)
Text: From breach to business as usual: Travelers Cyber Risk Video Series. Logo: Travelers.

(SPEECH)
DAVID HAWKINS: Welcome to this series of short videos about the Travelers cyber claim service. In this introductory video, we will take you through what this series of short videos will cover, as well as providing details of the award-winning Travelers cyber service. My name is David Hawkins. And I am part of the claim relationship team at Travelers.

CHRIS SCOTT: And my name is Chris Scott. I'm one of the managers here at Travelers with overall oversight of the cyber claims.

(DESCRIPTION)
Text: Disclaimer. DISCLAIMER - IMPORTANT NOTE: This presentation is for general informational purposes only. It does not, and it is not intended to, provide legal, technical or other professional advice, nor does it amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this presentation and Travelers does not warrant that adherence to, or compliance with, any recommendations, best practises, checklists, or guidelines will result in a particular outcome. Travelers does not accept or assume any responsibility or liability in contract, tort or otherwise for any consequence of you or anyone else acting, or refraining to act, in reliance on the information contained in this presentation or for any decision based on it. Copyright 2025 All rights reserved. Travelers and the Travelers Umbrella logo are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries. All other registered trademarks are the property of their respective owners. Logo: Travelers.

(SPEECH)
Before we move on, I'll just give you a few moments to read the following disclaimer. Please note that the information provided in these videos is not to be construed as legal advice.

(DESCRIPTION)
Text: Video Series. 1. Cyber Risk at Travelers - Introduction. 2. Preparing for the Worst. 3. Moment of Crisis. 4. Recovery Phase Hello and welcome! We're excited to introduce you to our comprehensive video series, designed to guide you through the journey of a cyber claim and explore how our risk management offerings can help you prepare for the unexpected. Logo: Travelers.

(SPEECH)
There are three other videos in this series, and you'll get the most out of them if you watch them in sequential order. The second video discusses what you need to do in advance, key decisions, and preparation to ensure you're in the best position possible to handle a cyber attack.

DAVID HAWKINS: Whilst we hope you never suffer a cyber incident, the third video takes you through what happens in the event you do, how we support you at every step, and who will be involved. Finally, in the fourth video, we take you through the post-incident steps that make sure you get back to business as usual as quickly as possible.

CHRIS SCOTT: We will also touch on risk management, which is central to our proposition, and how we can support you to reduce the chance you'll ever be impacted by an attack throughout this series of videos.

(DESCRIPTION)
Text: About Us: Prevention, Detection, and Mitigation. Change is constant: Emerging threats and emerging technologies mean we need to continuously innovate. Updated coverage: You'll benefit from broader wording benefits, August 2025. Industry Firsts: First initiative designed specifically to support you when you experience a breach.

An article titled Travelers Europe named 5-Star cyber insurance provider again. Text: IBUK 2024 5-star Claims Award: Winner: Travelers. Cyber Insurance Awards, Awareness Initiative of the Year Award. Highly Commended: Travelers. Logos: Linked In, Travelers.co.uk, Travelers.

(SPEECH)
DAVID HAWKINS: You have made a great choice in taking out a cyber risk policy with Travelers. And I'd like to highlight some of the achievements of the cyber team. Travelers has been recognised for two years in a row as a five-star provider of cyber insurance, which is a great achievement. Equally, the claims team has been awarded the five-star Claim award by insurance business UK for 2024, which is a testament to the great work of the claim team.

CHRIS SCOTT: Looking at the threat landscape, I think it's fair to say that it's constantly evolving. Here at Travelers, we focus on ensuring that our customers have the support they need when they need it most.

Not only do Travelers customers benefit from our financial stability, global reach, and depth of experience, but we also make enhancements to the policy wording to ensure that it develops in line with emerging threats.

Cyber incidents can certainly take their toll on those impacted by the breach. So we aim to provide industry firsts to support customers throughout this. And there'll be more on this later in the series of videos.

(DESCRIPTION)
Text: Up Next. Item 1 is crossed out. Text: 1, Cyber Risk at Travelers - Introduction. 2, Preparing for the Worst. 3, Moment of crisis, 4, Recovery Phase.

(SPEECH)
DAVID HAWKINS: That brings us to the end of this introductory video. We look forward to you joining us as we prepare you for a cyber attack. Thank you for watching.

(DESCRIPTION)
Logo: Travelers.

(DESCRIPTION)
A picture shows people sitting in a meeting room looking at a screen with two people in a webcast. A red umbrella logo. Text: Travelers .From breach to business as usual, Travelers Cyber Risk Video Series.

(SPEECH)
DAVID HAWKINS: Welcome to this series of short videos about the Travelers Cyber Claim Service. In this second video in the series, we will take you through how you can best prepare your business for a cyber incident. My name is David Hawkins and I am part of the claim relationship team at Travelers.

CHRIS SCOTT: And my name is Chris Scott. I'm one of the claim managers here at Travelers. I have overall oversight of the cyber claims.

(DESCRIPTION)
Slide Text: Disclaimer. DISCLAIMER - IMPORTANT NOTE. This presentation is for general informational purposes only. It does not, and it is not intended to, provide legal, technical or other professional advice, nor does it amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this presentation and Travelers does not warrant that adherence to, or compliance with, any recommendations, best practises, checklists, or guidelines will result in a particular outcome. Travelers does not accept or assume any responsibility or liability in contract, tort or otherwise for any consequence of you or anyone else acting, or refraining to act, in reliance on the information contained in this presentation or for any decision based on it. Copyright 2025 All rights reserved. Travelers and the Travelers Umbrella logo are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries. All other registered trademarks are the property of their respective owners.

(SPEECH)
Before moving on, I'll just give you a few moments to read through the following disclaimer. Please note that the information provided in these videos is not to be construed as legal advice.

(DESCRIPTION)
Slide. Text: Video Series. 1. Cyber Risk at Travelers - Introduction. 2. Preparing for the Worst. 3. Moment of Crisis. 4. Recovery Phase. Hello and welcome! We're excited to introduce you to our comprehensive video series, designed to guide you through the journey of a cyber claim and explore how our risk management offerings can help you prepare for the unexpected.

(SPEECH)
DAVID HAWKINS: The purpose of this video is to give you some takeaways and considerations when you're looking to get yourself in the best position to respond quickly to a cyber incident.

(DESCRIPTION)
Slide. A graphic of a key. Text: Preparation is key. c r m [email protected] for your complimentary breach hotline stickers. A graphic of a delivery truck. A graphic of a computer screen. Text: Define your Breach Response Attendees Authority to make decisions for your company? Knowledge of your company's IT infrastructure and ability to grant access to IT forensics? In the event of absences, who will attend the Breach Response Calls? A graphic of a treasure chest. Text: Ransom Payment. Would your company consider paying a ransom? A graphic of a checklist. Text: Business Continuity Plan (B.C.P.). Where is it stored? Online and hard copy? Ensure it includes extracts of notification clauses from contracts. A graphic of a telephone. Text: Ensure you have the breach hotline contact details available offline. 0 8 0 0 5 8 7 8 3 8 8.

(SPEECH)
CHRIS SCOTT: Preparation is indeed key. There are a few things that we suggest you should do to make sure that you're ready for a potential cyber incident. This preparation will save you valuable time and, importantly, a lot of unnecessary anxiety if your systems are indeed attacked.

So working through the squares on the slide, let's start with defining your breach response attendees. The purpose of a breach response call is to formulate a resolution strategy to deal with the incident at hand. We will need someone on the call that has authority to make decisions on behalf of the organisation, as well as someone who is familiar with the IT architecture of the organisation.

In addition to the attendees from your organisation, you'll also be supported by an allocated Travelers claims professional and a breach coach. We'll talk more about their roles and the roles of the wider team of cyber experts in our next video.

DAVID HAWKINS: Often, paying a ransom is an ethical decision for companies. This is because the cyber threat actors are carrying out illegal activities, and it is a question of whether you want your business to be seen as paying these criminals. It may be that your organisation, due to its ownership structure, is unable to pay a ransom. And it's good to know this in advance so that the breach response team can be briefed appropriately in the event of an incident.

There is cover available under the Travelers Cyber Risk Policy to respond to the payment of a ransom demand, subject to the policy's terms and conditions, and any sanctions checks. We are obliged to undertake sanctions checks before making any payments in accordance with the applicable regulations. If there are no issues flagged up on those sanctions checks, the policy would provide cover for the payment of ransom demand up to the applicable limit of indemnity, subject to the policy's terms and conditions.

CHRIS SCOTT: Generally, our experience is that engaging with our team of cyber experts early in the process means that we don't necessarily need to make those payments. It's not to say that a ransom payment is off the table, the coverage is certainly there under the policy. But more often than not, we're able to work very closely with the experts and get insureds back up to business as usual without actually engaging in the payment process with the threat actors, because there is always the possibility of a double and triple extortion in the event of a payment actually being made.

DAVID HAWKINS: Next, you need to consider your business continuity plan. In the event of an attack, how are you going to operate? Is there the ability to work offline? Are there any other arrangements that need to be put in place? A key feature of both the business continuity and incident response plans is knowing who to contact, and equally, who can step in if someone is away. Is there a defined decision tree? And who are the substitutes if the decision-makers are not available?

Also, where is your organisation's business continuity plan stored? Is there an offline and an online version? If you are unable to access any of your IT systems, will you be able to access your business continuity plan? The offline version could be a paper copy or kept on a memory stick stored securely on your organisation's premises.

In addition, if you have any contracts with vendors and third parties, it's common that they have notification clauses within them. It's recommended that you include those clauses in your business continuity plan, so that they are readily available in the event of a cyber incident. Then you're not searching for all of the different contracts and clauses, which may prove very difficult if you are potentially locked out of your systems.

Lastly, but as important as the previous points, you need to know who to contact here at Travelers in the event of an incident. So at the bottom of the screen there is a telephone number. That's our breach response hotline. It's staffed on a 24/7 basis, so please make sure that it is included in your incident response plan and it is available offline. To assist with that, we have complimentary breach hotline stickers that sit quite nicely on the corner of your laptop. If you would like any of those, please email the address on screen and we'll arrange for some to be sent out to you.

(DESCRIPTION)
Slide. Graphics of an exclamation point in a circle, a telephone, and an envelope with a paper sticking out with an @ symbol. Text: The worst happens... What do you do? Call the hotline 0 8 0 0 5 8 7 8 3 8 8. Time from initial call to being on a breach call: 2 hours inside working hours; 4 hours outside working hours. Average breach call occurred within 30 minutes in 2024.

(SPEECH)
If you suffer a cyber incident, please call our breach hotline as quickly as possible. The breach hotline is manned on a 24/7 basis. During working hours, our breach call will be arranged within 2 hours of you calling the hotline and 4 hours outside of working hours. However, on average, it tends to be within 30 minutes subject to all parties who need to be on the call being available.

(DESCRIPTION)
Slide. Text: E-Risk Hub. A picture shows the Travelers E-Risk Hub page. On the left-hand side of the page are several tabs: HCL Services,Breach Coach, Security Coach, Incident Planning, Information Toolkit, News Centre, Ransomware Resources, Learning Centre, Security Training, The Experts, and Contact Us. Several pictures appear. In the first, a person types on a phone with several bubbles with images around it. Text: Assessment. In the next picture, a man holds a book and points to us. Text: Coaching. In the next picture, there is a key on a keyboard with text: Training Courses. In the next picture, a man holds out his hands around several holographic hexagons with images in them. Text: Software. In another picture, a person stands with a tablet. Text: Expert. Another picture has text: Travelers Cyber Academy. The last picture shows a finger with a light shining from its tip. Text: Claim. Below the picture of the web page are several bullets. Text: News centre with the latest cyber-related headlines. Learning centre featuring white papers, articles and upcoming webinars — by industry sector. Resources for statutory, regulatory and case law updates regarding privacy liability and notification obligations. On the left-hand side of the slide is a picture of a large circle with text: HCL Tech. There are three smaller circles on the large circle. At the top is a circle with text: Security assessment. Next to this circle is text: Cyber Security Assessment An online assessment - can be used to inform the conversation with a cyber security professional. The next circle, at the bottom right, has text: 1 hour of cyber security advice. Below this circle is text: Coach Helpline. A one-hour consultation with a cyber security professional to help improve areas of weakness or vulnerability. The third circle has text: Training videos. Next to this circle is text: Cyber Security Awareness Training Videos. Role-based training, influencing employees to protect an organisation's critical information. At the bottom of the slide is text: w w w dot e risk hub dot com slash travellers e u. Access code: detailed within your policy documentation.

(SPEECH)
CHRIS SCOTT: As cyber risk policyholders, there are additional services that you can access through our E-Risk Hub. It's an online resource that has a wide range of complimentary services and resources. Details of how to log on and the access code are included within your policy documentation.

The E-Risk Hub is a gateway to more tailored risk advice. Included in the price of your policy is the opportunity to set up a one-to-one session with a cybersecurity professional, and ideally, you'll have completed the online assessment first, as this helps inform the conversation so that you can get the most out of the session.

There are a range of digital training tools that can be rolled out to help improve your employees' vigilance and awareness of potential cyber attacks. There are also news articles and reports by the industry. We have partnered with a number of different cyber experts with a range of skills to assist you in your time of need. These cyber experts are all clearly signposted within the E-Risk Hub. We will talk more about their roles in our next video, Moment of Crisis.

(DESCRIPTION)
Slide. Text: Threat alerts - putting you on the front foot. A graphic shows a flashing strobe light. Text: Your CyberScan plus Our Threat Intelligence Team equals Personalised threat alerts. Threat Alerting Service. Our Threat Intelligence team track threats and breaches across the globe and around the clock. We use this information on newly discovered threats to assess the degree of risk to each policyholder and then advise those that could be impacted of imminent risks. You will receive an alert only when the team has determined that there's a specific risk to your organisation based on the types of software and IT infrastructure in place at your organisation. We will provide step-by-step instructions for remediation and support for organisations to understand how to properly implement suggestions. Policyholders who engage with our Alerts, can patch their systems 3 times faster and can be given an average of 15 days' advance notice of new vulnerabilities before the vulnerability is more widely exploited by threat actors.

(SPEECH)
DAVID HAWKINS: As a Travelers cyber risk policyholder, you will benefit from our threat monitoring and alert service at no additional cost. The cyber risk services team at Travelers around the clock, tracking threats and breaches across the globe. Using what we know about a client's software and IT infrastructure, we assess the degree of risk to each policyholder. If a threat is applicable to you, we will send you a personalised, prioritised email to both you and your broker, and provide guidance on the action needed to remediate any threat.

It's certainly beneficial because it can help prevent breaches from occurring. Further, those who engage with our alerts can patch their systems three times faster on average. So yes, I'd say it's a really good benefit of the policy with Travelers.

(DESCRIPTION)
Slide. Text: Up Next. 1 Cyber Risk at Travelers - Introduction and 2 Preparing for the Worst are both crossed out with 3 Moment of Crisis bolded.

(SPEECH)
CHRIS SCOTT: That brings us to the end of this video and how you can best prepare yourselves for a cyber incident. Please join us for our other videos that look at the process we follow in the moment of crisis, and the post-incident steps that can be taken during the recovery phase.

(DESCRIPTION)
A red umbrella logo appears. Text: Travelers.

(DESCRIPTION)
Logo: Travelers. Text: From breach to business as usual. Travelers Cyber Risk Video Series. David Hawkins.

(SPEECH)
DAVID HAWKINS: Welcome to this series of short videos about the Travelers Cyber Claim service. In this third video in the series, we will take you through what happens after you call our Cyber Breach Helpline. My name is David Hawkins, and I am part of the claim relationship team at Travelers.

CHRIS SCOTT: And my name is Chris Scott. I'm one of the claim managers here at Travelers, with overall oversight of the cyber claims. Before we move on, I'll give you a few moments to read through the following disclaimer. Please note that the information provided in these videos is not to be construed as legal advice.

(DESCRIPTION)
Disclaimer. Important Note. This presentation is for general informational purposes only. It does not, and is not intended to, provide legal, technical, or other professional advice, nor does it amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this presentation, and Travelers does not warrant that adherence to, or compliance with, any recommendations, best practises, checklists, or guidelines will result in a particular outcome. Travelers does not accept or assume any responsibility or liability in contract, tort or otherwise, for any consequence of you or anyone else acting, or refraining to act, in reliance on the information contained in this presentation or for any decision based on it. Copyright 2025. All rights reserved. Travelers and the Travelers Umbrella logo are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries. All other registered trademarks are the property of their respective owners.

(SPEECH)
DAVID HAWKINS: In this video, we are going to have a look at the breach response process and give you a better understanding of how the incident response process works in practise.

(DESCRIPTION)
Video Series. Item 1, Cyber Risk at Travelers. Introduction. Item 2, Preparing for the Worst. Item 3, Moment of Crisis. Item 4, Recovery Phase. Item 3 appears in bolded letters. Hello and welcome! We're excited to introduce you to our comprehensive video series, designed to guide you through the journey of a cyber claim and explore how our risk management offerings can help you prepare for the unexpected.

(SPEECH)
CHRIS SCOTT: So the worst has happened. Your organisation has suffered a cyber incident. We would recommend that you call our breach hotline as soon as possible. That means we can get a breach response call arranged as quickly as possible, which will then begin to put the team in place to start remedying the incident.

(DESCRIPTION)
A red exclamation mark appears inside a red circle. Text: The worst happens. What do you do? Call the hotline. 0, 800, 5-8-7, 8388. Time to being on a breach call. 2 hours inside working hours. 4 hours outside working hours. Average breach call occurred within 30 minutes in 2024.

(SPEECH)
During working hours, we would look to arrange a call within two hours. And outside of working hours, it would be within four hours. However, on average, we find our breach response call is within 30 minutes of notification. Although this is, of course, subject to all parties being available.

(DESCRIPTION)
Screen title: From breach to business as usual. A timeline appears, with a block labelled 0 hours, a block labelled typically within 15 minutes, a block labelled typically within 30 minutes, and a block labelled breach update calls on an ongoing basis. Text boxes appear within each section of the timeline. Racing finish line flags appear inside the box labelled typically within 30 minutes.

(SPEECH)
DAVID HAWKINS: When you call the breach hotline, you will be asked very brief details of the incident just in terms of what exactly has happened, your cyber risk policy number, and your contact details.

This information will then be passed over simultaneously to your assigned claim professional within the Travelers Cyber Claims team, as well as the breach coach. Your assigned claim professional will contact you to take further details about what has occurred and to arrange a suitable time for a breach response call.

The breach coach will run a conflict check just to ensure that they are free to act, and we will discuss their role in more detail below.

CHRIS SCOTT: The breach response call is an opportunity for all the key stakeholders within your organisation to meet with the experts and the assigned claim professional from Travelers. This is a really important step in the recovery process and typically happens within 30 minutes of your call to the breach hotline. Things do move fast, which is why it's beneficial to have all the preparation in place, as discussed in the second video of the series.

The breach response call itself is completely complimentary under the policy, typically they last between 30 and 60 minutes, depending on the nature of the incident itself. The objective of the call is to formulate a resolution strategy.

So to do that, it's crucial to have a number of key participants from your organisation on the call. It would involve someone who's able to make a decision on behalf of your organisation and equally, someone who has knowledge of the IT architecture of your organisation. That way, we can really give you the best advice on the incident itself and formulate the most appropriate strategy.

If your organisation has a marketing or communications team, they may well be benefit in their participation on the call, as well. Another key participant on the breach response call is the breach response coach. We have a panel of solicitor firms who have been specifically selected due to their experience in acting as a breach coach.

The breach coach is responsible for coordinating the team of breach response experts, depending on the type of incident they are dealing with. They will also provide the legal and regulatory advice arising out of the incident. And by using a law firm as a breach coach, it means any steps taken by them is protected by privilege, which is beneficial should claims arise further down the line.

Our breach coaches work on a rota basis, helping us to manage capacity levels of the breach coaches and maintain a high level of service.

The other key participant in the breach response call is the IT forensics expert. They are there to give you some initial containment advice in terms of the incident itself and equally to assist you with the investigation in terms of understanding what's happened, how it's happened, and how to resolve it and prevent it from happening again.

Finally, Travelers claim professional will be on the breach response call to support you and your organisation and take any steps necessary that we can confirm cover under the cyber risk policy.

Once we have agreed a resolution strategy, the breach coach will act as the project manager, ensuring that all the instructed vendors are working as agreed and operating within their own separate swim lanes. Thereafter, there will be very regular updates and certainly, initially these could be daily update calls, although they can be more or less frequent depending on the nature of the incident itself.

In addition, there will be an email chain formed as well so that everyone in the decision making process is kept regularly updated.

(DESCRIPTION)
Slide title: The wider Breach Response Team. How do they help? A circle appears in the centre with six segments of different colours. The segment titles are Breach Coaches, I-T Forensics, D-D-o-S Attack Response, Public Relations, Credit Monitoring Services, Threat Actor Negotiators, and Forensic Accounting.

(SPEECH)
Depending on the nature of the cyber incident, there are a range of experts that we can call upon.

DAVID HAWKINS: We have already covered the roles of the breach coach and the IT forensic expert. But if we are looking at responding to a ransomware attack as an example, we would often call upon the skills of a threat actor negotiator. Their role is to communicate with cyber criminals, negotiate terms, as well as agree extensions to any deadlines, and test whether the cybercriminals have the data they claim to have. They can also arrange the payment of any ransomware payments.

We find it very useful to engage with a PR firm. This is on the basis that it is good for organisations, for both internal and external communications, to give a clear message as to what is happening.

CHRIS SCOTT: A list of our preferred vendors can be found on the eRiskHub.

(DESCRIPTION)
https colon backslash backslash e risk hub dot com slash preferred hyphen vendors.

(SPEECH)
Once you have logged in there on the home screen, there is a box entitled "Expert." If you click on that, that contains a list of all the vendors we utilise. We are continually reviewing our vendor panel to make sure that we have the best vendors for all types of incidents.

(DESCRIPTION)
Up Next. Item 1, Cyber Risk at Travelers. Introduction. Item 2, Preparing for the Worst. Item 3, Moment of Crisis. Item 4, Recovery Phase. Lines appear through items 1 through 3, and item 4 appears in bolded letters.

(SPEECH)
That brings us to the end of this video. A look at the process and the people that support getting your organisation back up and running. Next, in the fourth video in this series, we explore the recovery phase.

(DESCRIPTION)
Logo: Travelers.

(DESCRIPTION)
Text: From breach to business as usual: Travelers Cyber Risk Video Series. Red Umbrella Logo: Travelers. The background shows people at a conference table listening to two people on a video conference screen.

(SPEECH)
DAVID HAWKINS: Welcome to this series of short videos about the Travelers Cyber claim service. In this final video, we will take you through the post-incident recovery phase, and what travellers can do to help. My name is David Hawkins. And I am part of the claim relationship team at Travelers.

CHRIS SCOTT: And my name is Chris Scott. I'm one of the claim managers here at Travelers with overall oversight of the cyber claims.

(DESCRIPTION)
Slide: Disclaimer. Text: Disclaimer. Important Note. This presentation is for general informational purposes only. It does not, and it is not intended to, provide legal, technical or other professional advice, nor does it amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this presentation and Travelers does not warrant that adherence to, or compliance with, any recommendations, best practises, checklists, or guidelines will result in a particular outcome. Travelers does not accept or assume any responsibility or liability in contract, tort or otherwise for any consequence of you or anyone else acting, or refraining to act, in reliance on the information contained in this presentation or for any decision based on it. Copyright 2025. All rights reserved. Travelers and the Travelers Umbrella logo are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries. All other registered trademarks are the property of their respective owners.

(SPEECH)
Before we move on, I'll just give you a few moments to read through the following disclaimer. Please note that the information provided in these videos is not to be construed as legal advice.

(DESCRIPTION)
Slide: Video Series. Text: 1. Cyber Risk at Travelers - Introduction. 2. Preparing for the Worst. 3. Moment of Crisis. 4. Recovery Phase. Number 4 is in bold. Text: Hello and welcome! We're excited to introduce you to our comprehensive video series, designed to guide you through the journey of a cyber claim and explore how our risk management offerings can help you prepare for the unexpected.

(SPEECH)
DAVID HAWKINS: This session focuses on post-incident recovery phase. The purpose of the video itself is to give you some key takeaways around post-incident recovery, and how we can help after the dust has settled and your systems have been recovered and restored.

(DESCRIPTION)
Slide: Post incident recovery actions: key takeaway. Text: Business interruption cover. Our dedicated team will partner closely with you, connecting you with third-party forensic accounting experts to precisely quantify the financial impact of business interruption resulting from the security breach. We provide comprehensive support throughout the calculation process to ensure accurate assessment of your downtime losses.

(SPEECH)
CHRIS SCOTT: The first point to note is that the policy provides cover for business interruption. We will work very closely with you, typically through the use of a forensic accountant, to assist you in the calculations, providing some assistance in terms of the loss to your business as a result of the downtime from the breach itself.

(DESCRIPTION)
Slide: Post incident recovery actions: key takeaway. Text: Mitigating reoccurrence. After your systems are fully restored, our I.T. vendor partners will provide tailored recommendations for strengthening your security infrastructure to prevent similar incidents in the future. Should you choose to implement these enhanced security measures, Travelers will support your investment through our policy's betterment coverage. This operates on a co-insurance basis, where we partner with you to share the financial responsibility of the implementation costs for these security enhancements, creating a collaborative approach to strengthening your digital defences. This shared investment demonstrates our commitment to not only helping you recover from the current situation but also building more resilient protection for your business moving forward.

(SPEECH)
The second point is that we will also help you with how to mitigate the situation going forwards. Following the recovery of your systems, the IT vendors will provide some recommendations on security strengthening techniques, which will assist you in preventing that type of reoccurrence, if that's something that you would like to utilise and implement into your systems.

The second point is that we will also help you with how to mitigate the situation going forward. Following the recovery of your systems, the IT vendors will provide some recommendations on security strengthening techniques, which will assist you in preventing that type of loss reoccurring.

Is that something that you would like to utilise and implement into your systems? Travelers will support you through the mitigating reoccurrence coverage within the policy on a co-insurance basis. That means that we can cover up to 50% of those costs to implement the security enhancements, subject to the policy terms and conditions, and effectively sharing the expenses with you on a 50/50 basis.

(DESCRIPTION)
Slide: We're here to support you every step of the way. On the left is a screenshot of a Travelers webpage titled, Post Claim Wellbeing Service. Text: Cyber Wellbeing Service. Cyber incidents are highly stressful; our service supports the insured's Cyber response team with therapy and coaching to aid personal wellbeing. Participation is completely voluntary and confidential, with Travelers and the insured unaware of who accesses the service. No impact on the claim - the priority for this service is the wellbeing of the insured's Cyber response team. Key Features: Up to four individuals per insured are eligible for six sessions, with potential for more subject to approval. A service that's tailored to the needs of the user - clinical psychologists, counselling psychologists and CBT Therapists providing different types of wellbeing support.

(SPEECH)
DAVID HAWKINS: A further initiative we've touched on in previous videos is our cyber wellbeing service. We've partnered with HelloSelf, an independent organisation of therapists, to help the key individuals within your business through what can be a very difficult and stressful time.

It's a service where up to four key individuals within your business are eligible for up to six one-hour sessions initially, and we potentially agree further sessions if the therapist and individual request them.

This service is completely confidential. We receive no information whatsoever about who has taken up the service, and the cost is entirely assumed by Travelers. We offer this as we recognise that dealing with cyber incidents is a unique experience and can be an extremely stressful event.

(DESCRIPTION)
Slide: Need to contact us? Text: For policyholders: Check your policy documents, or speak to your broker. For more information on our Cyber offer: travellers dot C.O. dot U.K. slash cyber.

(SPEECH)
CHRIS SCOTT: That brings us to the end of this video on the post-recovery actions and the end of our video series. We'd encourage you to look back through these videos periodically as a reminder of the key takeaways on how to prepare for a cyber incident. What to do when it occurs, and how Travelers helps you all the way through the process.

For policyholders, if you have any questions or wish to get in touch, please speak with your broker or check your policy documents for the relevant contact information. For anyone looking for further information on what we offer at Travelers Europe, please visit travelers.co.uk/cyber or speak to your broker. Thank you.

(DESCRIPTION)
Red Umbrella Logo: Travelers.