Issue link: https://maltatoday.uberflip.com/i/1542674
6 COMMERCIAL maltatoday | SUNDAY • 18 JANUARY 2026 From breach to recovery: The role of cyber insurance in incident response CYBER incidents are escalating in both frequency and impact, making resilience no longer op- tional but essential. This reality was underscored during the MI- TA–NCC CYBER Talk, "From Breach to Recovery: The Role of Cyber Insurance in Incident Re- sponse." The session convened a panel of industry experts who shared firsthand experiences, strategic insights, and practical guidance on how organisations can better navigate an increas- ingly complex and high-stakes cyber-risk landscape. The discussion, moderated by Robert Gauci, Digital Advisory Lead at KPMG, brought together Finian Massa, Strategic Market- ing Manager at ICT Solutions; David Vassallo, CEO of Cyber- Sift; and Mark Spiteri, General Manager at Antes Insurance Bro- kers. Collectively, the panel ex- plored the growing importance of cyber insurance within today's incident response frameworks and examined why its role is be- coming increasingly critical in the face of evolving cyber threats. The session opened with a broad overview of today's cyber- security landscape, setting the tone for a discussion shaped by urgency and realism. Cyber-at- tacks are no longer just more frequent; they are increasingly sophisticated and multifaceted. Finian Massa set the stage with a striking observation: the ingenu- ity behind modern cyber-attacks would almost be admirable, if not for their harmful intent From ransomware attacks and cloud infrastructure breaches to spam-calling operations and business email compromise, cyber threats have become an unwelcome constant for organ- isations of every size and sec- tor. While attack methods vary, many are driven by the same un- derlying goal: identity theft. David Vassallo expanded on the potential fallout, highlight- ing two of the most severe con- sequences, financial loss and reputational damage. When it comes to detecting an attack, ransomware is often the most obvious, announcing itself im- mediately upon infection. How- ever, not all threats are so obvi- ous. Many attackers gain access quietly, remaining undetected as they monitor systems and us- er behaviour. According to him, subtle anomalies, such as logins at unusual times or activity that deviates from a user's normal patterns, can be early indicators that something is amiss. The panel agreed that strong cyber hygiene remains the first and most critical line of defence. Measures such as multi-factor authentication, endpoint mon- itoring, and ongoing employee awareness training are essential. Yet, as emphasised throughout the discussion, prevention alone is not enough. Every organisation must also have a comprehensive incident response plan that ad- dresses preparation, active re- sponse, and recovery. As Mark Spiteri explained, any organisation with an online pres- ence is inherently exposed to cyber risk. For this reason, cyber insurance should be regarded not as an optional extra, but as a core component of an effective incident response strategy. While adoption of cyber insurance in Malta has increased slightly, particularly within the financial services sector, overall uptake re- mains limited. Cost is often cited as a key bar- rier, though this varies depend- ing on an organisation's size and industry. However, Mark noted that price is not the only consid- eration. The process of obtaining cyber insurance involves rigor- ous assessment of an organisa- tion's security posture, much like a safety inspection. Insurers will identify weaknesses and require remediation before offering cov- erage. Even if insurance is not ultimately purchased, the evalua- tion itself can be highly valuable in exposing gaps that need atten- tion. As moderator Robert Gau- ci observed, some organisations are now using cyber insurance requirements as a benchmark, shaping their broader risk man- agement and security frame- works around them. Finian Massa echoed this senti- ment, stressing that cyber insur- ance is far from a simple check- box exercise. While the process can be demanding, it serves as a meaningful starting point for strengthening security funda- mentals, at the very least, en- suring that basic protections are firmly in place. David Vassallo added that or- ganisations already working to- wards certifications such as ISO 27001 or SOC 2 will find them- selves well positioned, as much of the groundwork aligns closely with cyber insurance require- ments. In this way, insurance can complement existing certifica- tions, providing clients with an added layer of confidence. Mark Spiteri also outlined what organisations can expect when a breach is suspected and what cyber insurance typically covers. This often includes business in- terruption, loss of income, extor- tion-related costs, liability, hard- ware damage, regulatory fines, and breach response services. These response services generally cover access to incident response teams, cybersecurity specialists, legal support, and additional monitoring, such as post-breach credit card surveillance. The discussion underscored a clear message: as cyber threats continue to evolve, so too must organisational response strate- gies. Emerging risks, driven by advances in AI, increasingly so- phisticated attack methods, and supply chain vulnerabilities, are raising the stakes even further. With powerful tools now readily available, even individuals with minimal technical expertise can launch effective attacks. Ultimately, the session high- lighted not only the growing complexity of the cyber-risk en- vironment but also the expand- ing role cyber insurance can play in helping organisations prepare, respond, and recover in an in- creasingly hostile digital land- scape. For more information and up- dates on upcoming initiatives and events, visit https://ncc-mi- ta.gov.mt/ or follow MITA-NCC across its official social media channels. Pauline Borg