Rapid Response

Third Rock’s rapid response arms you with the right response to reduce cyber claims cost

The Issue

Almost all cyber claims are treated as
DEFCON 5 situations

The process for most insurance cyber claims uses a one size fits all approach. Driven by fear of being sued for noncompliance, law firms became the leaders in cyber incident project management. The faulty thinking is that businesses view a breach of personal data as their only significant cyber-related concern.

The Facts

Not all cyber claims result in a breach

With new cybersecurity technologies and the vast data that exists between companies, vendors and employees, businesses need to identify operational exposures, not just legal ramifications. It’s time for insurance companies to be empowered to reduce claims costs, improve client experience, analyze trends and improve policy holder’s cybersecurity across people, processes, technology and vendors.

Our experience in multiple industries can help you.

The cyber claims process needs to evolve as cyber evolves.

Insurance companies are the leaders in driving cyber protection and reducing risk for businesses. As cyber crime evolves, insurance companies have the opportunity to transform their claims process.

We know technology, cybersecurity, privacy regulations and insurance.

Since 1995, Third Rock continues to be a thought leader in cybersecurity and compliance. We have in-depth experience in cyber risj and compliance management and automation. 

Gain signifcant cost savings, deliver better experience for policy holders and reduce ongoing cyber risks with Third Rock’s Rapid Reponse

See how our solution can evolve your cyber claims process.

Our multi-industry experience can work for you 

Excess Line Association of New York (ELANY) vetted us, along with other companies, for months before choosing us as the cybersecurity and professional complaince organization for their members.

We also work with Texas Medical Liability and Trust (TMLT), the largest insurer for physicians in the nation.TMLT compared our CyberCompass® software to over ten competitors and found it the most comprehensive and user-friendly.

See how CyberCompass® automates your work flow in any industry

There’s a better way to deliver rapid response for a variety of cyber incidents and reduce costs:

We have seen first-hand how attorneys using “legal-only” thinking. Clients and insurance companies were impacted by precious time wasted, simple solutions missed and often, an incident turned into a breach.

Third-Party Breach



Cyber Issue

The client received their 2nd letter from the OCR because HIPAA cybersecurity and compliance plans prepared by a law firm were not adequate to address a data breach. OCR required a new submission in 2 weeks.

Potential fine


Potential Damage

Fine, loss of patent clients, reputation

Third Rock’s Rapid Response

Delivered a report in less than 4 days to the client’s attorney correcting previous incorrect statements about data loss by the client. Attorney reviewed and submitted to OCR. OCR dismissed the entire audit.

Internal Breach


Real Estate

Cyber Issue

An employee stole corporate data and protected personal information.

Potential fine


Potential Damage

Major loss of business and clients

Third Rock’s Rapid Response

Confirmed the suspicious behavior, identified the accessed systems and stolen data in 3 days. Worked with IT department and FBI. Person arrested in less than 2 weeks. No data was actually lost and no notifications required. 

Full network scans, operating system scans and external penetration testing were performed. The network vulnerability scan identified four unkown devices that were found and removed from the network by the IT department. Two were old systems but the other two were potential stealth devices that were not activated externally.

Identity Theft



Cyber Issue

Employees used company data to create and sell fake IDs on the dark web

Potential fine


Potential Damage

Identity theft of patients’ data and business reputation

Third Rock’s Rapid Response

Analyzed activity logs of suspected user. Documented proof that the employee accessed the EMR system beyond their authorized use, accessed websites to create false identification material and to sell created materials. Analyzed documents, documents lack of uploads and lack of information on the dark web to prove no data was actually stolen, lost or destroyed. No fine was incurred. No notifications were required after review by legal counsel.

Third Rock’s rapid response solution

Our solution starts with using a formal project management approach to utilize the right expertise to:

  • Reduce claim costs
  • Protect the policyholders’ business
  • Provide learnings/ trends about cyber crime
  • Educate the policyholder about cyber risks
  • Empower the policyholder to manage cyber risks
  • Provide guidance to legal firms to drive for higher efficiencies
  • Deliver timely tracking and status for cyber crimes

Rapid response project management approach

Step 1:

Triage Assessment

Assessor interviews client and IT department to determine the who, what, when and possible data lost

Priority 1: Event
Priority 2: Incident
Priority 3: Breach

How to act

Cyber Triage Assessor will provide the client immediate actions to take in order to limit exposure and secure evidence based on assessment results

Guide to next level

Cyber Triage Assessor will scheduel discovery assessment if determined your are at Priority 2 or 3

Step 2:

Discovery Assessment

CISSP Forensics team does technical deep dive to determine if a breach occured and the severity if so
1. Scan/analyze system and application logs
2. Create/review data map of sensitive data
3. Conduct technical scans – inventory, network and operating scans

If Priority 2 determined

If certified assessor determines unauthorized activity or abnormal behavior then claims is notified

If Priority 3 determined

If certified assessor determines data loss, then claims, legal counsel and communications firm are notified

Step 3:

Comprehensive Report

Develop comprehensive documentation of all findings with executive summary for quick review by all parties

Custom Remediation Plan

Based on the discovery and client’s resources, Third Rock will generate a custom remediation plan

Manage Recovery

This plan will be available in CyberCompass® software to prioritize, manage and collaborate with client and associated parties

Using automation to increase quality and reduce your costs

Only CyberCompass® delivers and maintains cyber claim playbook.

Cyber Compass® is cloud-based software that automates cyber risk management to increase productivity by 70%. With every cyber crime being different, unique expertise is needed. CyberCompass® creates the “go-to” tool for all the findings, reporting and actions. It creates an on-demand portal for the client, legal firm, communication firm and insurance claims departments to see the status.

By it capturing the information for cyber claims as they are assessed and remediation, insurance companies will have access to better insights and data to understand how to better manage cyber risk with their clients going forward. It provides your client with a secure encrypted vault to upload all the documentation.

Want to learn more about CyberCompass®? Visit their website for product information and updates.

Ready to start saving money?

Our tiered proposed fee structure is based on the severity of the cyber incident, not an hourly rate.

$500 – $1,500 per triage call

$7,500 – $20,000 per security/privacy incident that can be remediated without legal assistance

$12,500 – $35,000 per data breach for providing oversight and project management for legal, specialized forensics and notification communication firms