08 Apr Cyber Insurance & Incident Response Plans
RIAs operate within a fast-moving cybersecurity environment, where preparation and infrastructure are critical, not only for safeguarding sensitive data but also for maintaining client confidence and meeting fiduciary obligations.
Advisers find themselves in ecosystems that can include estate attorneys, accountants, insurance agents, custodians, and clients themselves. These distributed models can create multiple vulnerabilities, particularly when highly sensitive documents containing Personally Identifiable Information (PII) or money movement instructions pass between different parties.
While the updated Regulation S-P framework warrants its own deep dive, it is important to recognize that the incident response plan (IRP) is no longer just a “best practice” but a regulatory expectation that is driving many advisers and compliance professionals to reassess how cyber risk is operationalized across the firm and familiar professionals.
As a part of our effort to better understand and support our RIA clients, Golsan Scruggs conducts a bi-annual RIA Risk Survey. In the most recent survey (circa 2025), 8,000 independent RIAs were asked to rate perceived areas of risk on a scale of 1 to 10. Notably, “Cyber/Privacy Data Breach” ranked as the highest perceived risk at ~8.5, followed by “Wire Fraud/Crime/Social Engineering” at ~7.9.
Registered Investment Advisors, in response to the Golsan Scruggs 2025 RIA Risk Survey conducted from May through August of 2025, ranked the following areas of risk from lowest to highest:

*Golsan Scruggs 2025 RIA Risk Survey
Given the RIA community’s heightened concern around cyber threats, regulatory pressure, and our behind-the-scenes perspective of how cyber insurance functions in practice, it is worth exploring how advisers can better manage risk amid ongoing uncertainty.
At its core, an incident response plan should outline both technical and legal procedures while also identifying key external stakeholders. Among the most critical of these are the firm’s cyber insurance carrier and in some cases the insurance broker (particularly where the broker plays an active role in claims advocacy and coordination).
For advisers, embedding insurance information directly into the IRP is not merely administrative; it is operationally essential. Including details such as the carrier’s breach response hotline, policy number, and broker contact information ensures the firm can act immediately in the event of an incident. This can be especially important given the time-sensitive nature of firm operations, where delays can impact client communications, capital activity, and regulatory obligations.
The importance of this alignment becomes clear when considering how cyber insurance policies function in practice. Many policies require prompt notification as a condition of coverage and, if triggered, they often require the use of pre-approved vendor panels including breach counsel, digital forensic firms, public relations specialists, and notification or credit monitoring providers. For advisers who may already be coordinating with outside parties, engaging non-panel vendors can create duplicative efforts, increased costs, and unnecessary disruption during an already sensitive matter.
Simply put, there is sometimes a disconnect between insurance contracts and what is often viewed as standard operational or compliance practice. To be completely fair, and to avoid stepping on the toes of compliance professionals, Regulation S-P does not explicitly require firms to include insurance carrier details within their IRP, but it does emphasize the need for effective, actionable response procedures. This can extend beyond internal workflows and include coordination across multiple third parties and service providers.
In this context, integrating cyber insurance carrier information such as hotline access, policy details, and broker contacts into the IRP becomes a practical risk management tool that not only supports more coordination but also strengthens the firm’s ability to meet regulatory expectations, fulfill fiduciary duties and preserve trust with its clients.
Appendix
Markel:
Incident/Crisis Contact Hotline: 844-462-7535
Policy #
Broker contact info
Chubb:
Incident/Crisis Contact Hotline: 800-817-2665 or ChubbClaimsFirstNotice@Chubb.com
Policy #
Broker contact info
Coalition:
Incident/Crisis Contact Hotline: 833-866-1337 or Attn: Coalition Claims claims@coalitioninc.com
Policy #
Broker contact info
Hartford:
Incident/Crisis Contact Hotline: 800-370-0605 or FirstResponse@thehartford.com
Policy #
Broker contact info
Travelers:
Incident/Crisis Contact Hotline: 888-842-8496 or BSIclaims@travelers.com
Policy #
Broker contact info
Tokio Marine:
Incident/Crisis Contact Hotline: 888-627-8995 or CyberClaims@tmhcc.com
Policy #
Broker contact info
At-Bay:
Incident/Crisis Contact Hotline: 650-850-5408 or claims@at-bay.com
Policy #
Broker contact info
CFC:
Incident/Crisis Contact Hotline: 844-677-4155 or cyberclaims@cfc.com
Policy #
Broker contact info
BCS:
Incident/Crisis Contact Hotline: 866-288-1705 or RPSCyberClaims@bakerlaw.com
Policy #
Broker contact info
Corvus:
Incident/Crisis Contact Hotline: 855-248-2150 or cyberclaimreport@corvusinsurance.com
Policy #
Broker contact info
*Contact information above is provided for informational purposes only and is subject to change without notice. We do not guarantee the accuracy or completeness of this information and recommend you confirm your cyber carrier’s contact info via your most recent policy document*
By Bryant Wood & Cameron Norris, CAIA – Golsan Scruggs
Golsan Scruggs is an insurance brokerage firm operating throughout the United States, specializing in errors & omissions (E&O) insurance (aka professional liability insurance) for registered investment advisors (RIAs). As one of the largest insurers of RIA firms in the U.S., we have a dedicated staff that understands the risks of the financial services industry and delivers superior results. We make the underwriting process painless.
At Golsan Scruggs, we believe it is incumbent upon us to earn the right to be appointed as your insurance and risk-management agent. Our RIASURE process exists to serve that purpose.
Our RIASURE Review will analyze your fiduciary exposures, provide rate details and comparisons, and provide a contract comparison. No application required.