Be the GAME CHANGER.
|
|
- Bethanie Nicholson
- 5 years ago
- Views:
Transcription
1 Be the GAME CHANGER.
2 DISCLAIMER Seminar materials and presentations are intended to provide you with guidance and insight with regard to the selected topics. However, your instructor is not an attorney; and the materials and comments do not constitute, and should not be regarded as, legal advice. Although every effort has been made to assure the accuracy of these materials and the comments made during the seminar, they are not intended to serve as a substitute for legal counsel. Policy forms, clauses, rules, and court decisions constantly change and vary from company to company and state to state. These materials are intended as a general guideline and may not apply to a specific situation. The author, instructor, Professional Insurance Agents of Indiana Inc., and any organization for whom this seminar is conducted shall have neither liability nor responsibility to any person or entity with respect to any loss or damage alleged to be caused directly or indirectly as a result of information contained in this book, in the presentation, or in any ensuing discussion. Presented by Professional Insurance Agents of Indiana 50 E. 91st Street, Suite 207 Indianapolis, IN
3 Mark Reilly Mark has been in the insurance industry as a company production underwriter, agent, agency owner, speaker, author and expert witness almost 40 years. He was an agency owner for nearly 30 years. Mark currently is an owner of inbuzz Group, and Inbound Marketing and Sales company. He is also employed by USI Insurance, one of the largest independent insurance agencies in the word. His responsibilities with USI include employee education and mentoring. Mark and his wife Nancy live in Port Clinton Ohio.
4 Just the Equifax Mam - Cyber Liability Exposures and Solutions for Your Clients Are Our Clients Being Hacked 1
5 Are Our Clients Being Hacked 67% of Exposed Records were from the Retail Sector Small Companies Represented 47% of the Claims The Average Breach Cost was $348k and the Median Amount was $56k The Largest Regulatory Claim was $6M Cyber Event Recovery Cost High was $475k Ransomware / Cyber Extortion affected every sector with maximum breach costs in excess of $500K Net Diligence Claims Study Are Our Clients Being Hacked Wire Transfer Fraud & Theft of Money averaged $179K in breach cost Trademark Infringement and / or the Loss of Trade Secrets averaged $865K, with a median of $182K and a maximum of $4.9M Healthcare and Professional Services suffered 44% of the fraudulent W-2 claims Breach costs were 20% higher when there was Cloud involvement. PCI data was exposed in 16% of claims but accounted for 67% of records. PHI data represented 15% of claims and 17% of exposed records, while PII data accounted for 36% of claims but only 16% of exposed records. PCI, PHI and PII data accounted for 99% of all records exposed Net Diligence Claims Study 2
6 Are Our Clients Being Hacked Lost or Stolen Devices more than doubled in claims this year, and Paper Records claims almost tripled. Maliciously motivated Insider events resulted in more expensive claims by a factor of four Hackers were identified as the most common Cause of Loss, followed by Malware / Virus, Ransomware / Cyber Extortion and Staff Mistake. Notification cost was 39% higher 2017 Net Diligence Claims Study Are Our Clients Being Hacked Across the entire healthcare sector, Security Scorecard says 75 per cent have suffered a malware infection. Medical treatment centers (96 per cent) are most targeted by ransomware and medical equipment manufacturers (90 per cent) are most frequently hit by malware -Insurance Business November 09,
7 Just the Facts Just the Facts 4
8 Just the Facts Just the Facts 5
9 Just the Facts Just the Facts 6
10 Just the Facts Just the Facts 7
11 Just the Facts Just the Facts 8
12 Just the Facts Just the Facts 9
13 Just the Facts Just the Facts 10
14 Just the Facts Just the Facts 11
15 Just the Facts Just the Facts 12
16 Growth Rate Opp by Industry Cyber Insurance Today One of the fastest growing lines of insurance Claims so far have been moderate and experience good for insurers (recent losses are negatively impacting rates up 85% since 11) Challenges are coming Breaches are growing Too many breaches will affect premiums and coverages Common attack breaches will start to show up especially cloud based There is a lack of talent in underwriting and claims Can Actuaries predict and offer stable pricing Cyber coverages are widely different and have many gaps 13
17 Cyber Insurance Today Gaps will include Reduction in business market capital Reputational harm Business Interruption and extra expense costs Lost time from staff and business focus This exposure is cradle to grave Legendary vs. evidentiary Focus needs to be on risk avoidance, risk mitigation, risk reduction, and duplication of value added services Risk control through advances in technology needed New Credit Cards as example the EMV Liability Shift (10/01/2015) Recent Denial of Service from IoT and smarthomes Which Clients and Prospects Need Coverage? Who Needs Coverage Two Major Categories Users of Technology They Need Data Breach or Cyberliability Coverage Sellers of Technology They Need E&O, Professional, Content and /or Media Coverage 14
18 Let s ID some Exposures What State enacted the first Data Security Breach law? What is FERPA? What does it protect What is the Opt Out requirements for the CAN-SPAM act? What is the Red Flag Rule Who has to comply with HIPPA What is the HITECH Act What is COPPA and how will it affect your clients? Let s ID some Exposures ta-breach-toolkit/data-breachcalculators/
19 Let s ID some Exposures ta-breach-toolkit/data-breachcalculators/ -breach-toolkit/data-breach-calculators/ IBM Data Breach Calculator lt 16
20 erisk Calculator Let s ID some Exposures ta-breach-toolkit/data-breachcalculators/ 17
21 Cyber Risk Exposure Scorecard Presented by Diversified Insurance Service QUESTION RESPONSE SCORE Does your organization have a wireless network, or do employees or customers access your internal systems from remote locations? Yes 5 Does anyone in your organization take company-owned mobile devices (e.g., laptops, smartphones and USB drives) with them, either home or when travelling? Yes 5 Does your organization use Cloud-based software or storage? Yes 5 Does your organization have a bring your own device (BYOD) policy that allows employees to use personal devices for business use or on a company network? Yes 5 Are any employees allowed access to administrative privileges on your network or computers? No 0 Does your organization have critical operational systems connected to a public network? No 0 Does anyone in your organization use computers to access bank accounts or initiate money transfers? Yes 5 Does your organization store sensitive information (e.g., financial reports, trade secrets, intellectual property and product designs) that could potentially compromise your organization if stolen? Yes 5 Does your organization digitally store the personally identifiable information (PII) of employees or customers? This can include government-issued ID numbers and financial information. Yes 5 Is your organization part of a supply chain, or do you have supply chain partners? Yes 5 Does your organization conduct business in foreign countries, either physically or online? No 0 Has your organization ever failed to enforce policies around the acceptable use of computers, , the Internet, etc.? Unsure 5 Instructions In recent years, cyber attacks have emerged as the most significant threats facing organizatio sizes. The Internet and other network operatio created risks that were unheard of less than a ago. When cyber attacks (such as data breache hacks) occur, they can result in devastating da such as business disruptions, revenue loss, leg and forensic analysis and customer or employ notifications. It is important to remember that no organizati immune to the impact of cyber crime. As a res liability insurance has become an essential com to any risk management program. Begin by answering the questions on the left. response will be assigneda numerical value depending on the answer. At the end, we will your score to determine your organization's l cyber risk. Can the general public access your organization s building without the use of an ID card? Yes 5 Is network security training for employees optional at your organization? No 0 Can employees use their computers or company-issued devices indefinitely without updating passwords? No 0 Has your IT department ever failed to install antivirus software or perform regular vulnerability checks? No 0 Can employees dispose of sensitive information in unsecured bins? No 0 Would your organization lose critical information in the event of a system failure or other network disaster? Yes 5 Can employees easily see what co-workers are doing on their computers? No 0 SCORE: 55 Has your organization neglected to review its data security or cyber security policies and procedures within the last year? No 0 LEVEL OF RISK: Escalated Yes No Unsure Let s look at Some Losses Sony DSW Target and it s Vendor Doctors Office and the Love Interest Facebook and the Non-Profit Advertising Infringement Claim for Plumbing Supply Company that Stopped Carrying a Line Ace Hardware and the Academy Awards The Swimming Pool Flier 18
22 What Are the Risks Rapid change in the marketplace and ISO/Company reaction in policy language affecting Cyber Loss both First and Third Party claims. Understanding the client and the exposure Knowledge Policy Client Ways to avoid loss Know the client and their exposures Understand your markets treatment of these types of loss Listening Techniques and Tools to determine exposure What Are the Risks Net expansion outruns General Liability (GL) coverage - Existing policies do not account for web-based liabilities Data theft is commonplace Increasing intellectual property liability claims 19
23 What Are the Risks Employee misuse of websites, s and other electronic communications that involve: - Harassment of other employees or outside individuals - Accidental or purposeful slander or copyright infringement - Use of pirated or unstable software - Misuse of company data Economic Exposures Trademarks Copyright implications Intellectual property rights Defamation Security Breaches Systems failures 20
24 Trademarks Risks: Cyber-squatting - Registering domain names without consent Deep linking - Linking to Web pages within sites Using unauthorized links - To Web sites without consent -ttp://goo.gl/k5ki2 Copyright Implications Risks: Unlicensed duplication of copyrighted material - Pinterest Agreement - Licensing Violations - Theft or unauthorized distribution of trade secrets - ://goo.gl/k5ki2 21
25 Licensing Agreement Violation Intellectual Property Rights Risks: Website content - Ownership issues - Who owns what content? What is the scope of the licenses? - Patent infringement How to manage: Decrease legal liability with terms-of-use agreement Security and encryption concerns Review methods of authenticating information 22
26 Defamation Risks: Defamatory statements - Opinions versus facts Postings - Via websites - - Chat rooms Linkedin, - Publications - Blogs - - Online bulletin boards Data Security Risks: Collection, storage and use of information Privacy issues Security breaches Risk Management: Data Security Policy Data Encryption Employee Training Transfer liability to third-party vendor 23
27 Systems Failure Risks: Virus attacks - Transmission of Malicious Code or Virus Physical damage or interruption to servers - Income/Extra Exp Natural disasters Hacking/Cracking Computer Extortion Employee Related Employment liabilities Privacy violations Discrimination and harassment 24
28 Privacy Violations Employees claim their privacy rights were violated after the employer reviewed s or personal files Employees claim privacy violations for website tracking or blocking of Internet sites Fight between employee/employer on social media. Passwords, free speech issues Discrimination and Harrassment Employees receive unwelcome verbal, visual or physical conduct that is sexual or discriminatory in nature - Conduct interferes with employee s work - Employee feels violated and uncomfortable on the job - Conduct occurs via , bulletin board postings on the Internet or by physically showing another employee explicit websites 25
29 Social Media Misuse of social media can open a company up to a variety of risks Keep track of what s being said about your company online, through social networks and blogs Risk Finance Solutions for Clients Self Insurance Options Formal plan requires planning for payment and budgeting for organization s losses in any given category. (Not just for large risks) Limit the impact of loss by partially self funding (SIR) with fixed amount on per claim or occurrence. Still may need Cyber Coverage You need to replace services often provided by insurer Usually self funded internally but may establish captive or collective funding Transfer Plans Insurance or Non-insurance 26
30 Risk Finance Solutions for Clients Usually a firm will use a combination of both Insurance and Non-insurance Non-insurance (often contractual risk transfer) Cyber Contracts Shrink Wrap, Licensing Agreements etc. Not really transfer of the exposure but the obligation to pay either on behalf of or as indemnification Most prevalent forms of non-insurance transfer is by the use of hold harmless agreements and risk transfer to the transferee s insurer Risk Finance Solutions for Clients Insurance Transfer Monoline vs. Package Transfer Plans/Coverage Forms Monoline 1 st party Cyber Property or 3 rd Party Cyber Liability only Package 1 st and 3 rd Party Executive Liability Chubb, Chartis, Travelers, CAN. Incorporated in the D&O Combination with other forms EDP Coverage - like Selective Electronic Information Systems Policy which gives $50,000 per occurrence and $150,000 Aggregate from virus and harmful code, also has cyber business income limit 27
31 Cyber Coverage ISO Property Forms Tangible vs. Intangible Property Impaired vs. Damaged Scope: Any company with a Web presence or performing e-commerce activities Storage of any information of a private nature Coverage: (First Party) Intangible economic losses Destruction of home pages Network and server failure Unauthorized obstruction of customer information Restoration costs Fake orders Viruses Industrial espionage Cyber Coverage CGL Limitations CGL not intended to cover electronic data and other cyber related losses The definition of Property Damage in the ISO CGL coverage form clearly states that electronic data is not tangible property. Coverage exclusion is further reinforced with the Electronic Data Exclusion found in Coverage A There may be some coverage under CGL for some offenses such as the use of internet, or certain website notices under Coverage B Personal/Advertising Injury but this is subject to significant exclusions 28
32 Cyber Coverage Cyber Liability is not usually an ISO Coverage Form Many policies are non standard in language Many polices have the words Cyber, Internet or Security but without careful review policy may not address the clients exposure Coverage Analysis is critical Common Characteristics of Cyber Liability Policies Typically include Insuring Agreement Definitions Exclusions Limits of Liability/Declarations Defense and Settlement Cyber Coverage Multiple Insuring Agreements Like other Specialty Policies many included numerous insuring agreements (D&O, E&O, EPLI) Examples of insuring Agreements Associated with Cyber Privacy Injury Security Breach Expense Network Security Liability Content Injury Liability 29
33 Cyber Liability Cyber Coverages Cyber Liability Privacy Liability 30
34 Cyber Coverages System Damage Business Interruption Cyber Coverages Consequential Reputational Harm Regulatory Actions and Investigation 31
35 Cyber Coverages Cyber Coverages 3 rd Party Notification Costs Computer Crime 32
36 Cyber Coverages Identity Theft Defamation Cyber Coverages Intellectual Property 33
37 Cyber Coverages Cyber Threats & Extortion Cyber Coverages Invasion of Rights to Privacy 34
38 Cyber Coverages Cyber Coverages 35
39 Selling Cyber Coverage Must sell this product, it is not often bought Deal with decision maker but involve IT to determine need and buy in Stress Website Breaches Erode Vital Company Resources (Financial, Personal, Reputation, Confidence and Long Term Value to the Company) Firewalls are not foolproof, about 65% of organizations with firewalls have been penetrated. Virus Protection is reactive Help Client assess or encourage them to assess exposure Attacks are growing in frequency and severity 5 Top Objections from Small Business My business is not attractive to hackers I have all my stuff in the cloud Cyber Attacks are just like any other Computer Problem (Data Breach, Transmission of Malware or Virus) Cyber Policy does not cover my risk (I just need some crime and BOP) I will fix it myself (or I will just ignore and bury it) 36
40 Real Live Claims Ransomware / Cyber Extortion A company provides customers with hosting and connectivity solutions, including Internet access, hosted environments for internal and external facing websites, hosted application services, etc. Access is restricted to authorized users through assigned user identification with user-controlled passwords. Situation: The company receives a threat from an unknown third party that will cause an interruption of the company s network and unauthorized access to the data stored on the company s servers. After investigating the threat, it s determined that the threat is credible and the company makes an extortion payment to the person or group making the threat. Challenge: The cyber extortion threat results in the following expenses for the company: $25,000 cyber extortion expenses Resolution: The total expenses incurred by the insurer were $25,000. Claims Examples from Bizlock/Arlington& Roe Real Live Claims Medical Records Hacked When an insured hospital was notified by the United States Secret Service of a potential HIPAA breach that may have compromised data for 40,000 patients, our experienced team of dedicated cyber claims specialists quickly engaged a breach coach and a forensic investigator. As a result, the insured had knowledgeable partners to provide advice, handle notifications, create a call center, offer patients access to identity-monitoring products, and ensure the incident was properly reported to the state regulatory agencies. Claims Examples from Bizlock/Arlington& Roe 37
41 Real Live Claims Malware Data Breach A regional retail computer system was compromised when a third party sent a malware program via to a number of employees. The invasive software allowed the third party to access the system and capture the names, addresses and credit card numbers for more than 500,000 customers. Claims Examples from Bizlock/Arlington& Roe Real Live Claims Stolen Laptop An employee s company laptop containing private customer information is stolen from his home. As a result, customers sue the company for damages resulting from alleged failure to protect their private financial information. Claims Examples from Bizlock/Arlington& Roe 38
42 Real Live Claims enetwork Interruption When an insured with hundreds of outlets experienced a 48-hour systems failure at the start of a busy holiday weekend due to a hack, the insured could not process sales and payments quickly and its operations were disrupted. The response team added expertise, assisted the retailer in retaining a forensic accountant, and verified the lost sales calculation for the holiday weekend. The insured was also reimbursed for approximately $200,000 of lost sales incurred after the waiting period applicable to the network interruption caused by a malicious attack. Claims Examples from Bizlock/Arlington& Roe Real Live Claims Rogue Employee An employee stole a donor s credit card information from a non profit that resulted in a forensics investigation, a lawsuit and a PCI fine. The per record insured cost for that incident was $50,000. Claims Examples from Bizlock/Arlington& Roe 39
43 Real Live Claims Data Theft From Server When a server and hard drive maintained by a company acquired by an insured were stolen, sensitive data for nearly 45,000 individuals was compromised. The insured was provided $1 million to cover notification, public relations, and other incident-related services. Claims Examples from Bizlock/Arlington& Roe Real Live Claims Payment Card Industry (PCI) Related Fines and Penalties A large movie theater operation had its transaction processing systems at a specific movie theater location hacked. Thieves collected card data from one machine over Pharmacy Procedural Error A woman purchased a used computer from a pharmacy. The computer still contained the prescription records, including names, addresses, social security numbers, and medication lists of pharmacy customers. The cost of notifying affected parties per state law totaled nearly $110,000. Two lawsuits were filed: one alleged damages in excess of $200,000 from a party who claimed she lost her job as a result of the disclosure; the second alleged the plaintiff s identity was stolen, and the costs of correction and emotional distress exceeded $100,000. the course of one year before the Secret Service notified the movie theater owners. A forensic investigation ensued. Mastercard issued PCI related contractual fines and penalties in excess of $250,000 to the payment processor, who in-turn contractually passed the obligation to the movie theater owners. The insurance aggregate limit was reached at $100,000. Claims Examples from Bizlock/Arlington& Roe 40
44 Real Live Claims Pharmacy Procedural Error A woman purchased a used computer from a pharmacy. The computer still contained the prescription records, including names, addresses, social security numbers, and medication lists of pharmacy customers. The cost of notifying affected parties per state law totaled nearly $110,000. Two lawsuits were filed: one alleged damages in excess of $200,000 from a party who claimed she lost her job as a result of the disclosure; the second alleged the plaintiff s identity was stolen, and the costs of correction and emotional distress exceeded $100,000. Claims Examples from Bizlock/Arlington& Roe Real Live Claims Media Liability Exposure Two employees at a Pizza chain posted derogatory comments and a video online. The video captured their employee uniforms and work location. Claims Examples from Bizlock/Arlington& Roe 41
45 Thank you 42
Cyber Liability: New Exposures
Cyber Liability: New Exposures Presented by: CONRAD INSURANCE 2007, 2010-2011, 2013-2014 Zywave Inc. All rights reserved. New Economy, New Exposures Business shift: Bricks and Mortar to Clicks and Orders
More informationCyber Liability A New Must Have Coverage for Your Soccer Organization
Cyber Liability A New Must Have Coverage for Your Soccer Organization Presented By: Pat Pullen Jeanne Zabuska President Underwriting Manager February 17, 2012 Why do you need Cyber Liability? Have a web
More informationPrivacy and Data Breach Protection Modular application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationCyber, Data Risk and Media Insurance Application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationCYBER AND INFORMATION SECURITY COVERAGE APPLICATION
NOTICE: THIS APPLICATION IS FOR CLAIMS-MADE AND REPORTED COVERAGE, WHICH APPLIES ONLY TO CLAIMS FIRST MADE AND REPORTED IN WRITING DURING THE POLICY PERIOD, OR ANY EXTENDED REPORTING PERIOD. THE LIMIT
More informationChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them
ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them PROVIDED BY HUB INTERNATIONAL October 25th, 2016 W W W. C H I C A G O L A N D R I S K F O R U M. O R G AGENDA 1. The evolution of
More informationCYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP
CYBER LIABILITY INSURANCE OVERVIEW FOR Prepared by: Evan Taylor NFP Targeted Industries Business Sector Financial Services 10% Non-Profit 11% Retail 10% Other 37% Other 18% Type of Data PII 40% Professional
More informationCyber-Insurance: Fraud, Waste or Abuse?
SESSION ID: STR-F03 Cyber-Insurance: Fraud, Waste or Abuse? David Nathans Director of Security SOCSoter, Inc. @Zourick Cyber Insurance overview One Size Does Not Fit All 2 Our Research Reviewed many major
More informationInsuring your online world, even when you re offline. Masterpiece Cyber Protection
Insuring your online world, even when you re offline Masterpiece Cyber Protection Protect your online information from being an open network 97% of Chubb clients who had a claim paid were highly satisfied
More informationJAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group
SPECIAL GUEST JAMES GRAY Underwriter, London UK Specialty Treaty Beazley Group All 6 Beazley Lloyd's Syndicates are rated A (Excellent) by A.M. Best Admitted Carrier in the US Beazley Ins Co rated A (Excellent)
More informationThe Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage
The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage James P. Bobotek james.bobotek@pillsburylaw.com (202) 663-8930 Pillsbury Winthrop Shaw Pittman LLP DOCUMENT
More informationSixth Annual Benchmark Study on Privacy & Security of Healthcare Data
Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data Sponsored by ID Experts Independently conducted by Ponemon Institute LLC Publication Date: May 2016 Ponemon Institute Research Report
More informationCyber & Privacy Liability and Technology E&0
Cyber & Privacy Liability and Technology E&0 Risks and Coverage Geoff Kinsella Partner http://map.norsecorp.com http://www.youtube.com/watch?v=f7pyhn9ic9i Presentation Overview 1. The Cyber Evolution 2.
More informationCyber Risks & Insurance
Cyber Risks & Insurance Bob Klobe Asst. Vice President & Cyber Security Subject Matter Expert Chubb Specialty Insurance Legal Disclaimer The views, information and content expressed herein are those of
More informationHealthcare Data Breaches: Handle with Care.
Healthcare Data Breaches: Handle with Care November 13, 2012 ID Experts Webinar www.idexpertscorp.com The material presented in this presentation is not intended to provide legal or other expert advice
More informationAPPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London
APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London SECTION I. GENERAL INFORMATION 1. Name of Applicant: Physical Address: (as it should appear
More informationCyber Risk Mitigation
Cyber Risk Mitigation Eide Bailly Howalt + McDowell Insurance Introduction Meet your presenters Eric Pulse Risk Advisory Director 20 years in the public accounting and consulting industry providing information
More informationEvaluating Your Company s Data Protection & Recovery Plan
Evaluating Your Company s Data Protection & Recovery Plan CBIA Cybersecurity Webinar Series 11AM 12PM Part V. Presented by: Stewart Tosh Charles Bellingrath Date: December 7, 2017 Today s presenters Stewart
More informationNZI LIABILITY CYBER. Are you protected?
NZI LIABILITY CYBER Are you protected? Any business that operates online is vulnerable to cyber attacks and data breaches. From viruses and hackers to employee error and system damage, your business is
More informationPRIVACY AND CYBER SECURITY
PRIVACY AND CYBER SECURITY Presented by: Joe Marra, Senior Account Executive/Producer Stoya Corcoran, Assistant Vice President Presented to: CIFFA Members September 20, 2017 1 Disclaimer The information
More informationCyber Enhancement Endorsement
Cyber Enhancement Endorsement What is Cyber Risk? Why should I buy Cyber Risk insurance? What is the cost? Why should I buy Great American s product? Who do I contact to learn more about Cyber Risk Insurance?
More informationSTEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH
STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and data risks to your business,
More informationA GUIDE TO CYBER RISKS COVER
A GUIDE TO CYBER RISKS COVER Cyber risk the daily business threat to SMEs Cyber risks and data security breaches are a daily threat to everyday business. Less than 10% of UK companies have cyber insurance
More informationClaims Made Basis. Underwritten by Underwriters at Lloyd s, London
APPLICATION for: NetGuard Plus Claims Made Basis. Underwritten by Underwriters at Lloyd s, London tice: The Policy for which this Application is made applies only to Claims made against any of the Insureds
More informationCyber Risk Proposal Form
Cyber Risk Proposal Form Company or trading name Address Postcode Country Telephone Email Website Date business established Number of employees Do you have a Chief Privacy Officer (or Chief Information
More informationCyber Risk & Insurance
Cyber Risk & Insurance Digitalization in Insurance a Threat or an Opportunity Beirut, 3 & 4 May 2017 Alexander Blom - AIG 1 Today s Cyber Presentation Cyber risks insights from an insurance perspective
More informationCyber a risk on the rise. Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist
Cyber a risk on the rise Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist Cyber data breaches reaching a new level 1 000 000 000 Source: http://money.cnn.com/2016/09/22/technology/yahoo-data-breach/
More informationCyber Risk Insurance. Frequently Asked Questions
Cyber Risk Insurance Frequently Asked Questions Frequently Asked Questions What is Cyber Risk? Why should I buy Cyber Risk Insurance? What is the cost? Who is Great American Insurance? Why should I buy
More informationInsuring! Agreement Claim! Scenario Coverage! Response Network &! Information! Security Liability A hacker successfully obtains sensitive, personal information from the insured s computer system. As a
More informationAt the Heart of Cyber Risk Mitigation
At the Heart of Cyber Risk Mitigation De-risking Cyber Threats with Insurance Vikram Singh Abstract Management of risks is an integral part of the insurance industry. Companies have succeeded in identifying
More informationHEALTHCARE BREACH TRIAGE
IAPP Privacy Academy September 30 October 2, 2013 HEALTHCARE BREACH TRIAGE Theodore P. Augustinos EDWARDS WILDMAN PALMER LLP Kenneth P. Mortensen CVS/CAREMARK 2013 Edwards Wildman Palmer LLP & Edwards
More informationManaging E-Commerce Risks
Managing E-Commerce Risks, Chartered Insurer ACII (UK), CPCU (USA), ARe (USA), ARM (USA), FIII (India). MBA Email: manoj@einsuranceprofessional.com E-Commerce and Risk Management E-Commerce is the delivery
More informationElectronic Commerce and Cyber Risk
Electronic Commerce and Cyber Risk Fifth Third Bank All Rights Reserved Reality and Solutions Objectives for Today What I will cover How banks are changing How the public is changing How the laws are changing
More informationAPPLICATION FOR DATA BREACH AND PRIVACY LIABILITY, DATA BREACH LOSS TO INSURED AND ELECTRONIC MEDIA LIABILITY INSURANCE
Deerfield Insurance Company Evanston Insurance Company Essex Insurance Company Markel American Insurance Company Markel Insurance Company Associated International Insurance Company DataBreach SM APPLICATION
More informationCyber ERM Proposal Form
Cyber ERM Proposal Form This document allows Chubb to gather the needed information to assess the risks related to the information systems of the prospective insured. Please note that completing this proposal
More information2018 Cyber & Tech Liability Risk Transfer Update Part 2
2018 Cyber & Tech Liability Risk Transfer Update Part 2 For: PARMA February 15, 2018 (Revised 2.19.2018) Copy of handout at www./parma2.pdf By: Robert J. Marshburn, CRM, CIC, ARM, CRIS, CISC, CCIP R. J.
More informationInsurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage
Presenting a live 90-minute webinar with interactive Q&A Insurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage THURSDAY, OCTOBER 5, 2017 1pm Eastern 12pm Central
More informationBusiness Associate Risk
Business Associate Risk Assessing and Managing Business Associate Risk Presented by CJ Wolf, MD, COC, CPC, CHC, CCEP, CIA Healthicity Senior Compliance Executive Disclaimer: Nothing in this presentation
More informationLargest Risk for Public Pension Plans (Other Than Funding) Cybersecurity
Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity 2017 Public Safety Employees Pension & Benefits Conference Ronald A. King (517) 318-3015 rking@ I am convinced that there are only
More informationCyber Security Liability:
www.mcgrathinsurance.com Cyber Security Liability: How to protect your business from a cyber security threat or breach. 01001101011000110100011101110010011000010111010001101000001000000100100101101110011100110111
More informationDetermining Whether You Are a Business Associate
The HIPAApotamus in the Room: When Lawyers and Law Firms are Subject to HIPAA Enforcement, And How to Comply with the Law by Leslie R. Isaacman, J.D., M.B.A. The Omnibus Final Rule 1 of the Health Information
More informationCyber Risk Insurance Policy Application
5 W. Hargett Street, 4th Floor, Raleigh, NC 27601 Fax: (919) 834-7039 Email: Underwriting@SuretyOne.org Cyber Risk Insurance Policy Application INSURING AGREEMENT I.B. OF THIS POLICY IS WRITTEN ON A CLAIMS
More informationCyber breaches: are you prepared?
Cyber breaches: are you prepared? Presented by Michael Gapes, Partner Overview What is cyber crime? What are the risks and impacts to your business if you are a target? What are your responsibilities do
More informationACORD 834 (2014/12) - Cyber and Privacy Coverage Section
ACORD 834 (2014/12) - Cyber and Privacy Coverage Section ACORD 834, Cyber and Privacy Coverage Section, is used to apply for cyber and privacy coverage. The form was designed to be used in conjunction
More informationTHE HARTFORD CYBERCHOICE 2.09 SM
THE HARTFORD CYBERCHOICE 2.09 SM CYBER AND TECHNOLOGY RISK AND LIABILITY INSURANCE (INSURER NAME) NOTICE: THE LIABILITY COVERAGE PARTS SCHEDULED IN ITEM 5 OF THE DECLARATIONS PROVIDE CLAIMS MADE COVERAGE.
More informationCybersecurity Privacy and Network Security and Risk Mitigation
Ask the Experts at fi360 2016 Cybersecurity Privacy and Network Security and Risk Mitigation Gary Sutherland, NAPLIA CEO Brian Edelman, Financial Computer Inc. CEO Paul Smith, AIF NAPLIA SVP SEC s 1st
More informationCyber Liability Insurance for Sports Organizations
Cyber Liability Insurance for Sports Organizations The biggest threat to your organization or club isn t a loss of funds. It s a loss of data. From online sign-ups and payment systems to social media
More informationWhat is a privacy breach / security breach?
What is a breach? What is a privacy breach / security breach? Privacy breach Computer security breach: The theft, loss or unauthorized disclosure of personally identifiable non-public information (PII)
More informationYou ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017
You ve been hacked Riekie Gordon & Roger Truebody & Alexandra Schudel Why should you care? U$4.6 - U$121 billion - Lloyds U$45 billion not covered 2 The plot thickens 2016 Barkly Survey: It s a business
More informationSchool District of Palm Beach County
PALM BEACH COUNTY SCHOOL DISTRICT WIRELESS HOTSPOT (Wi-Fi) TERMS OF SERVICE and ACCEPTABLE USE AGREEMENT 1. Purpose The purpose of this Agreement is to set forth terms and conditions, as well as standards
More informationTechnology E&O, Cyber and Privacy Insurance
ACE American Insurance Company 436 Walnut St. Philadelphia, PA 19106 Chubb Digitech Enterprise Risk Management Policy Technology E&O, Cyber and Privacy Insurance Short Form Application NOTICE NOTICE: THE
More informationRIMS Cyber Presentation
RIMS Cyber Presentation Forrest Pace Cyber & Strategic Risk Leader South Zone AIG Property Casualty Forrest.Pace@aig.com 1 Bio Forrest Pace is the Cyber and Strategic Risk Leader for the South Zone, coordinating
More informationYour defence toolkit. How to combat the cyber threat
Your defence toolkit How to combat the cyber threat Contents The threat of cyber crime 4 How UK businesses are targeted 6 Case studies 8 Why cyber security is so important to manufacturers now 10 The
More informationCyber Risk Management
Cyber Risk Management Privacy & Data Protection Agenda 2 Introductions Risk Management 101 Defining & Quantifying a Breach Prevention, Mitigation & Transfer Strategies Finance Strategy- Cyber Insurance
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements (PCI DSS) and utilizing the PAI Secure Program Welcome to PAI Secure, a unique 4-step PCI-DSS
More informationCyber Liability Insurance. Data Security, Privacy and Multimedia Protection
Cyber Liability Insurance Data Security, Privacy and Multimedia Protection Cyber Liability Insurance Data Security, Privacy and Multimedia Protection What is a Cyber Risk? Technology is advancing at such
More informationChubb Cyber Enterprise Risk Management
Chubb Cyber Enterprise Risk Management Fact Sheet Financial Lines Chubb Cyber Enterprise Risk Management When it comes to a data security breach or privacy loss, it isn t a matter of if it will happen
More informationHIPAA AND ONLINE BACKUP WHAT YOU NEED TO KNOW ABOUT
WHAT YOU NEED TO KNOW ABOUT HIPAA AND ONLINE BACKUP Learn more about how KeepItSafe can help to reduce costs, save time, and provide compliance for online backup, disaster recovery-as-a-service, mobile
More informationHIPAA / HITECH. Ed Massey Affiliated Marketing Group
HIPAA / HITECH Agent Understanding And Compliance Presented By: Ed Massey Affiliated Marketing Group It s The Law On February 17, 2010 the Health Information Technology for Economic and Clinical Health
More informationProtecting Against the High Cost of Cyberfraud
Protecting Against the High Cost of Cyberfraud THE ROLE OF CYBER LIABILITY INSURANCE IN YOUR RISK MANAGEMENT STRATEGY Paying the Price...2 The Ransomware Scourge...3 Policy Provisions...3 Management Liability...4
More informationARE YOU HIP WITH HIPAA?
ARE YOU HIP WITH HIPAA? Scott C. Thompson 214.651.5075 scott.thompson@haynesboone.com February 11, 2016 HIPAA SECURITY WHY SHOULD I CARE? Health plan fined $1.2 million for HIPAA breach. Health plan fined
More informationCYBER LIABILITY REINSURANCE SOLUTIONS
CYBER LIABILITY REINSURANCE SOLUTIONS CYBER STRONG. CYBER STRONG. State-of-the-Art Protection for Growing Cyber Risks Businesses of all sizes and in every industry are experiencing an increase in cyber
More informationCyber Insurance for Lawyers
Cyber Insurance for Lawyers Learn What Most People Don t Know About a Cyber Insurance Policy Cyber Crime Trends NAS Cybercrime 2017 Claims Analysis Report 1 in 4 Claims Exceeding $200,000 Average Cybercrime
More informationMEDIATECH INSURANCE APPLICATION THIS APPLICATION IS FOR A CLAIMS MADE POLICY PLEASE INDICATE WHICH COVERAGES ARE REQUIRED Technology and Professional
THIS APPLICATION IS FOR A CLAIMS MADE POLICY PLEASE INDICATE WHICH COVERAGES ARE REQUIRED Technology and Professional Services: $100,000 $250,000 $500,000 $1,000,000 $2,000,000 Other:$ Technology Product
More informationCyber Risks & Cyber Insurance
Cyber Risks & Cyber Insurance Terry Quested Executive Director Associated Risk Managers of Ohio Darren Faye Vice President Leonard Insurance / Assured Partners Legal Disclaimer The views, information and
More informationDirectors & Officers Insurance 101
Directors & Officers Insurance 101 The outlines of coverage used throughout this presentation are not intended to express any legal opinion as to the nature of coverage. They are only intended to provide
More informationHOW TO INSURE CYBER RISKS? Oulu Industry Summit
HOW TO INSURE CYBER RISKS? Oulu Industry Summit 2017 6.10.2017 Panu Peltomäki Liability and Financial Lines Practice Leader Marsh Oy Marsh A Leader in Quality, Scope, and Scale GLOBAL RISKS OF CONCERN
More informationDoes the Applicant provide data processing, storage or hosting services to third parties? Yes No
BEAZLEY BREACH RESPONSE APPLICATION NOTICE: THIS POLICY S LIABILITY INSURING AGREEMENTS PROVIDE COVERAGE ON A CLAIMS MADE AND REPORTED BASIS AND APPLY ONLY TO CLAIMS FIRST MADE AGAINST THE INSURED DURING
More informationLIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE
I N S U R A N C E a g a i n s t c y b e r r i s k s After "prevention", risk covering is always the next step. Good insurance policies have the substantial merit allowing people to progress, even choosing
More informationCyber Exposures: The Importance of Risk Identification and Transfer. Presented By: Joe Weipert
Cyber Exposures: The Importance of Risk Identification and Transfer Presented By: Joe Weipert The Complexity of Cyber Risk and its Severity My Goal Today: Getting Your Attention in 30 Minutes Average Claim
More informationINFORMATION AND CYBER SECURITY POLICY V1.1
Future Generali 1 INFORMATION AND CYBER SECURITY V1.1 Future Generali 2 Revision History Revision / Version No. 1.0 1.1 Rollout Date Location of change 14-07- 2017 Mumbai 25.04.20 18 Thane Changed by Original
More informationIS YOUR CYBER LIABILITY INSURANCE ANY GOOD? A GUIDE FOR BANKS TO EVALUATE THEIR CYBER LIABILITY INSURANCE COVERAGE
IS YOUR CYBER LIABILITY INSURANCE ANY GOOD? A GUIDE FOR BANKS TO EVALUATE THEIR CYBER LIABILITY INSURANCE COVERAGE THOMAS H. BENTZ, JR.* I. INTRODUCTION The last several years have taught many banks that
More informationAn Overview of Cyber Insurance at AIG
An Overview of Cyber Insurance at AIG Michael Lee, MBA Cyber Business Development Manager AIG 2018 Brittney Mishler, ARM Cyber Casualty Underwriting Specialist AIG Cyber Insurance It s a peril, not a product
More informationUnderstanding Cyber Risk in the Dental Office. Melissa Moore Sanchez, CIC
Understanding Cyber Risk in the Dental Office Melissa Moore Sanchez, CIC Data Breaches are Escalating Between February 5, 2005 and May 26, 2012 561,465,563 records containing sensitive personal information
More informationHEALTHCARE INDUSTRY SESSION CYBER IND 011
HEALTHCARE INDUSTRY SESSION CYBER IND 011 Speakers: Jody Westby, Chief Executive Officer, Global Cyber Risk René Siemens, Partner, Covington & Burling LLP Brent Rieth, Senior Vice President and Team Leader,
More informationCYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING
CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Information,
More informationWe re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber
We re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber Protection Data Creates Duties What data do you access, and
More informationCyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby
Cyberinsurance: Necessary, Expensive and Confusing as Hell Presenters: Sharon Nelson and Judy Selby Setting the stage 2018 report from PwC one-third of US businesses have some form of cyberinsurance PwC
More informationFraud and Cyber Insurance Discussion. Will Carlin Ashley Bauer
Fraud and Cyber Insurance Discussion Will Carlin Ashley Bauer Why is it Important to Remain Vigilant? Fraud does not discriminate it occurs everywhere, and no organization is immune The changing business
More informationAdd our expertise to yours Protection from the consequences of cyber risks
CyberEdge THIS INFORMATION IS INTENDED FOR INSURANCE BROKERS AND OTHER INSURANCE PROFESSIONALS ONLY Add our expertise to yours Protection from the consequences of cyber risks What is CyberEdge? 2 CyberEdge
More informationDeluxe Provent SM : Protecting against expanded threats. Providing for expanded opportunities.
Deluxe Provent SM : Protecting against expanded threats. Providing for expanded opportunities. deluxe growth services introduction Identity thieves are extending beyond credit relationships and are more
More informationTERMS AND CONDITIONS OF USE
TERMS AND CONDITIONS OF USE Thank you for visiting the Society of Actuaries ( SOA ) Web site. Please be aware that visitors are subject to the following Terms and Conditions of Use (these Terms ) established
More informationCYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY
CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY Agenda Threat Landscape and Trends Breach Response Process Pitfalls and Critical Points BBR Services Breach Prevention
More informationIDENTITY THEFT COVERAGE ON INSURANCE POLICIES SPONSORED BY
IDENTITY THEFT COVERAGE ON INSURANCE POLICIES SPONSORED BY Slide 1 Identity Theft Coverage on Insurance Policies November 8, 2013 Slide 2 What s the big deal? Slide 3 PII Personally Identifiable Information
More informationThe Impact of Final Omnibus HIPAA/HITECH Rules. Presented by Eileen Coyne Clark Niki McCoy September 19, 2013
The Impact of Final Omnibus HIPAA/HITECH Rules Presented by Eileen Coyne Clark Niki McCoy September 19, 2013 0 Disclaimer The material in this presentation is not meant to be construed as legal advice
More informationHIPAA in the Digital Age. Anisa Kelley and Rachel Procopio Maryan Rawls Law Group Fairfax, Virginia
HIPAA in the Digital Age Anisa Kelley and Rachel Procopio Maryan Rawls Law Group Fairfax, Virginia Virginia MGMA reminds attendees that the program is not intended to provide legal advice and advises participants
More informationErrors and Omissions, Media and Privacy (EMP) Claims Examples
Errors and Omissions, Media and Privacy (EMP) Claims Examples Errors and Omissions A management consulting firm specializing in efficiency consulting was hired to reduce the cost of distribution for a
More informationACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT WITH THE DOCTORS CLINIC, PART OF FRANCISCAN MEDICAL GROUP
ACCESS TO ELECTRONIC HEALTH RECORDS AGREEMENT WITH THE DOCTORS CLINIC, PART OF FRANCISCAN MEDICAL GROUP and THIS AGREEMENT ( Agreement ) is made and entered into this day of, 20, by and between The Doctors
More informationCybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do
ARTICLE Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do By Gene Griggs and Saad Gul This article analyzes cybersecurity issues for retirement plans. Introduction
More informationPreparing for a HIPAA Audit & Hot Topics in Health Care Reform
Preparing for a HIPAA Audit & Hot Topics in Health Care Reform 2013 San Francisco Mid-Sized Retirement & Healthcare Plan Management Conference March 17-20, 2013 Elizabeth Loh, Esq. Copyright Trucker Huss,
More informationConditions Of Use Disclaimer
Conditions Of Use Conditions Of Use Disclaimer By using this material, you acknowledge your assent to the following conditions of use without limitation or qualification. Please read these conditions carefully
More informationaustralia Canada ireland israel united kingdom United states Rest of world cfcunderwriting.com
australia Canada ireland israel united kingdom United states Rest of world CYBER PRIVATE ENTERPRISE policy document cfcunderwriting.com 1 PREAMBLE This Policy is a contract of insurance between you and
More informationCyber Security Insurance Proposal Form
Cyber Security Insurance Proposal Form This proposal must be completed and signed by a Principal, Partner or Director of the Proposer. The person completing and signing the form should be authorised by
More informationU.S. Eagle Federal Credit Union Mobile Banking Agreement
U.S. Eagle Federal Credit Union Mobile Banking Agreement Please read these Agreements carefully before accessing or using this service. By accessing or using the service, you agree to be bound by the terms
More informationCyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April Cyber Risks Advisor
Cyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April 2013 Cyber Risks Advisor 1 Contents Information Age Directive On Network and Information Security
More informationUniversity Data Policies
BACKGROUND Data are valuable institutional assets of Washington State University. Data policies are needed to ensure that these resources are carefully managed, maintained, protected, and used appropriately.
More informationHIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA
HIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA ALLISON SHUREN, J D, MSN Financial Disclosure Gerald Meltzer is a consultant for imedicware Allison Shuren co-chairs the Life Sciences and Healthcare Regulatory
More informationH E A L T H C A R E L A W U P D A T E
L O U I S V I L L E. K Y S E P T E M B E R 2 0 0 9 H E A L T H C A R E L A W U P D A T E L E X I N G T O N. K Y B O W L I N G G R E E N. K Y N E W A L B A N Y. I N N A S H V I L L E. T N M E M P H I S.
More informationDEBUNKING MYTHS FOR CYBER INSURANCE
SESSION ID: GRC-F02 DEBUNKING MYTHS FOR CYBER INSURANCE Robert Jones Global Head of Financial Lines Specialty Claims AIG Garin Pace Cyber Product Leader AIG @Garin_Pace Introduction What Is Cyber Insurance?
More informationData Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor
Data Security Addendum for inclusion in the Contract between George Mason University (the University ) and the Selected Firm/Vendor This Addendum is applicable only in those situations where the Selected
More information