Cyber Security & Insurance Solution Karachi, Pakistan

Similar documents
Cyber & Privacy Liability and Technology E&0

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

NZI LIABILITY CYBER. Are you protected?

Cyber Risks & Insurance

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

Cyber breaches: are you prepared?

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

Cyber Risks & Cyber Insurance

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

Cyber Risk & Insurance

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

Cyber-Insurance: Fraud, Waste or Abuse?

Cyber Liability A New Must Have Coverage for Your Soccer Organization

Your defence toolkit. How to combat the cyber threat

PRIVACY AND CYBER SECURITY

Chubb Cyber Enterprise Risk Management

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

Cyber Risk Management

Cyber Enhancement Endorsement


Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity

At the Heart of Cyber Risk Mitigation

Cyber Risk Mitigation

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

Cyber Security Liability:

Insuring your online world, even when you re offline. Masterpiece Cyber Protection

Cyber Insurance for Lawyers

Tech and Cyber Claims Services

Add our expertise to yours Protection from the consequences of cyber risks

Cyber Risk Insurance. Frequently Asked Questions

An Overview of Cyber Insurance at AIG

HOW TO INSURE CYBER RISKS? Oulu Industry Summit

Privacy and Data Breach Protection Modular application form

Cyber, Data Risk and Media Insurance Application form

Protecting Against the High Cost of Cyberfraud

THE GENERAL DATA PROTECTION REGULATION

CYBER INSURANCE IN IF - with a touch of Casualty - August 18 th 2017 Kristine Birk Wagner

Cyber Insurance I don t think it means what you think it means

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

CYBER LIABILITY INSURANCE: CLAIMS ISSUES AND TRENDS THAT AUDITORS NEED TO KNOW

Cyber a risk on the rise. Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist

DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY

Evaluating Your Company s Data Protection & Recovery Plan

A FRAMEWORK FOR MANAGING CYBER RISK APRIL 2015

Cyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby

Managing E-Commerce Risks

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

DATA COMPROMISE COVERAGE FORM

Cyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April Cyber Risks Advisor

CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY

A GUIDE TO CYBER RISKS COVER

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Bank of America Merrill Lynch Future of Financials Conference 2018

CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING

Fraud and Cyber Insurance Discussion. Will Carlin Ashley Bauer

Electronic Commerce and Cyber Risk

STEPPING INTO THE BREACH A GUIDE TO CYBER AND DATA INSURANCE

HEALTHCARE INDUSTRY SESSION CYBER IND 011

Personal Information Protection Act Breach Reporting Guide

Professional Indemnity and Cyber Insurance for Technology Companies Summary of cover

CYBER AND INFORMATION SECURITY COVERAGE APPLICATION

Summary of Form Changes e-md /MEDEFENSE Plus Insurance Policy (from version P1818CE-0115 to P1818CE-0716)

Vaco Cyber Security Panel

Cybersecurity Insurance: New Risks and New Challenges

Cyber insurance: The next frontier. Cyber insurance the next frontier

When The Wind Blows: Renewable Energy Risk Management Strategies

Solving Cyber Risk. Security Metrics and Insurance. Jason Christopher March 2017

Crawford Cyber Risk Services. A definitive solution for cyber-related events

APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Cyber Risk. October 2017

ConSept: Policy Highlights: Other Coverage Features

Property business interruption Policy wording

Aon Cyber Risk and Directors & Officers Forum CRM011

DEBUNKING MYTHS FOR CYBER INSURANCE

Year-end 2016 fraud update: Payment cards, remote banking and cheque

MANAGING DATA BREACH

australia Canada ireland israel united kingdom United states Rest of world cfcunderwriting.com

RIMS Cyber Presentation

A broker guide to selling cyber insurance. CyberEdge Sales Playbook

Cyber Liability Insurance for Sports Organizations

Case 2:15-cv Document 1 Filed 12/08/15 Page 1 of 15 UNITED STATES DISTRICT COURT FOR THE WESTERN DISTRICT OF WASHINGTON AT SEATTLE JUDGMENT

Property business interruption (technology) Policy wording

Insurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage

Terms and Conditions Cyber Enterprise Risk Management Insurance

Invas ion of Privacy, Hacking and Intellectual Property Claims : Are You Covered?

Whitepaper: Cyber Liability Insurance Overview

What is a privacy breach / security breach?

2015 EMEA Cyber Impact Report

Understanding Cyber Risk in the Dental Office. Melissa Moore Sanchez, CIC

Professional indemnity for chartered accountants Policy wording

Cyber Risks A Reinsurer s Perspective on Exposure & Claims. EMEA Claims Conference 2018, Rüschlikon, 6th 7th March, Anthony Cordonnier

Healthcare Data Breaches: Handle with Care.

Cyber Risk Proposal Form

FM Global. First-Party Property Cyber Coverage

Crawford & Company (Canada) Inc. Cyber Loss Management Program

ProtoType 2.0 Manufacturing E&O with CyberInfusion

MEASURING & PRICING THE COST DRIVERS OF A CYBER SECURITY RISK EVENT

Cyber Liability: New Exposures

Cyber Liability Launch Event Moscow

CYBER INSURANCE GUIDE

Transcription:

March 2017 Cyber Security & Insurance Solution Karachi, Pakistan Ram Garg CFA, MBA Financial & Casualty Line J B Boda & Co (Singapore) Pte Ltd Karachi Insurance Institute

Agenda Cyber Risk - Background Cyber Exposure Cyber Insurance Solution Claim Trend

There are only two types of companies: those that have been hacked and those that will be Robert Mueller Director, FBI

We are in a day when a person can commit about 15,000 bank robberies sitting in their basement Robert Anderson Executive Assistance Director, FBI s Criminal Cyber Response and Services Branch

IF SOPHISTICATED ORGANIZATIONS SUCH AS THESE CAN HAVE A BREACH Amazon.com AT&T Bell Canada Cisco Systems Facebook Wells Fargo Research in Motion Nortel SONY IBM

DO ANYONE CLAIMTHAT THEIR IT SECURITY PROTOCOLS MAKES THEM UNTOUCHABLE?

What is Cyber Crime? Wikipedia definition: Cybercrime, or computer crime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target

Cyber Environment Growing digital data and its connectivity with outside world Mobile apps Automated systems Social media Cloud computing Companies are collecting, storing and processing large amount of data of all kinds Increasing reliance on technology and connectivity leads to increasing Cyber exposure for all kinds of organisations

Source of Cyber Loss State sponsored Criminals Hacktivism.. For Fun.. Rogue employee Human error

Types of Cyber Attacks Malware Code exploits.. Ransomware.. Spear-phishing.. DOS attack Unauthorized access

Cyber Risk Root cause of Data Breach Human error, 25% Malicious or criminal attack, 48% System glitch, 27% Source: 2016 Cost of Data Breach Study: Global Analysis (IBM & Ponemon Institute LLC)

Cost of a Breach Personnel Costs Staff time to research and collect information to measure the scope of the incident; executive time with legal counsel Post incident Costs Media, investor relations, call centre, forensics, repairs, credit monitoring Legal Costs Regulators, liability assessment, defence, damages Lost Revenue Lost customers, lost opportunity costs

Malware Threats Pakistan is 1 st in position

CIOs face a shortage of skills, lack of metrics and strategy Board of Directors Security Maturity Stakeholders Compliance Mandates Industry Standards 49 % of IT executives have no measure of security effectiveness 2012 Forrester Research Study 31 % of IT professionals have no risk strategy 2013 Global Reputational Risk & IT Study, IBM 83 % of enterprises have difficulty finding the security skills they need 2012 ESG Research

Pakistan Emergency Readiness FIA Established National Response Centre For Cyber Crime (NR3C-FIA) as a is a law enforcement agency in Pakistan http://www.nr3c.gov.pk The National Assembly (NA) passed the Prevention of Electronic Crimes Bill (PECB) 2015

Cyber Insurance Market Cyber Insurance market is projected to be $2.5b globally Cyber growing annually by more than 25%+ Cyber market could be up to $20b by 2020 Most countries in Asia are developing their local data protection legislation

Cyber Insurance First Party Loss First Party Network business interruption Intangible property Loss of Digital Assets Crisis Management costs Cyber Extortion Loss of income and extra expense resulting from a total or partial failure of by DOS, malicious code, unauthorized access/use to computer system Costs to restore or recreate data or software resulting from network security failure Expenses & costs incurred resulting from damage, alteration, theft, digital assets caused by DOS, malicious code, unauthorized access/use to Legal costs to comply with privacy regulations, credit monitoring, PR, costs, resulting from a security data breach, privacy breach or breach of Extortion expenses and monies paid resulting from a threat to destroy or assets which are acquired by unauthorized access

Cyber Insurance 3 rd Party Loss Third Party Litigation and regulatory Regulatory response Notification costs Crisis management Covers the costs associated with civil lawsuits, judgments, settlements or penalties resulting from a cyber event. Covers the legal, technical or forensic services necessary to assist the policyholder in responding to governmental inquiries relating to a cyber attack, and provides coverage for fines, penalties, investigations or other regulatory actions Covers the costs to notify customers, employees or other victims affected by a cyber event, including notice required by law Covers crisis management and public relations expenses incurred to educate customers concerning a cyber event and the policyholder s response, including the cost of advertising for this purpose. Continue..

Cyber Insurance 3 rd Party Loss..Continue Third Party Credit monitoring Media liability Privacy liability Covers the costs of credit monitoring, fraud monitoring or other related services to customers or employees affected by a cyber event. Provides coverage for media liability, including coverage for copyright, trademark or service mark infringement resulting from online publication by the insured. Provides coverage for liability to employees or customers for a breach of privacy

Covering Insurance Gaps with Cyber Insurance Slide courtesy of AIG HK

Covering Insurance Gaps with Cyber Insurance Slide courtesy of AIG HK

Cyber Insurance Typical Exclusions Retroactive Date: No cover for events/circumstances/viruses that happened before the retroactive date Inception Date: No cover for claim or any acts, facts, or circumstances that happened before the inception date, if the Insured knew or could have reasonably foreseen Bodily Injury Property Damage: No cover for hardware, but restorage expense for data and computer programs that exists in computer system is covered Failure in power, telecommunications other infrastructure: No cover for infrastructure failure unless under the Insured s operational control Continue..

Cyber Insurance Typical Exclusions Continue NAT CAT or any other physical event Act of Terrorism, war, invasion Fine or Penalty arising out of Payment Card Industry Standard/Payment Card Company Rules Infringement of any patent or trade secret by Insured, Insured former employee Unlawful collection of personally identifiable non public information by Insured Theft, Loss of unencrypted Lap tops and mobiles

Sector wise demand growth Source: CYBER LIABILITY INSURANCE MARKET TRENDS: SURVEY 2014 Sponsor by PartnerRe

Most vulnerable industries in Asia Within Asia, FireEye Labs identified the following industries as having experienced advanced persistent cyber-attacks during 2013, in order: Financial Services Government (Federal) High-Tech Chemicals / Manufacturing / Mining Services / Consulting Higher Education Telecom (Internet, Phone and Cable) Energy / Utilities / Petroleum Entertainment / Media State and Local Government

Client considerations Adequate Limits Coverage priority Peer benchmarking Selfretention Budget Client consideration Other policy consideration

CYBER CLAIM TREND (Worldwide)

Loss Example Third party fraud Impersonation Loss amount: US$ 3,500,000 Insured s industry: Hotel Country: Mauritius Date: Mar 2016 Description: fraud was committed by persons whose identities are still unknown fraud was perpetrated through devious electronic means, impersonation resulting in two transfers to foreign bank

Loss Example Third party fraud Phishing attack Loss amount: US$ 2,000,000 Insured s industry: Banks Country: Taiwan Date: 2016 Description: GIC of India became victim of 'phishing' attack and lost $1.1 million A fake email purportedly from the GIC Re Chief Managing Director (CMD) AK Roy was send by the fraudsters to the company s Dubai office, directing it to make a payment of $ 1.1 million to an American entity for reinsurance transaction. And the concerned official at Dubai branch made the payment.

Loss Example Third party fraud ATM malware heist Loss amount: US$ 2,000,000 Insured s industry: Banks Country: Taiwan Date: 2016 Description: Taiwan investigators suspect two Russian nationals hacked into a major domestic bank's ATMs last weekend, using malware to withdraw more than $2 million from dozens of machines in the country's first recorded case of its kind. Combining cybercrime with daylight robbery after a typhoon battered greater Taipei, the suspects may have used a cellphone to trigger 41 First Bank ATMs to dispense fat wads of bills

Loss Example Third party fraud Hacking attack Loss amount: NIL Insured s industry: Banks Country: Sri Lanka Date: 2016 Description: Commercial Bank of Ceylon has released a statement admitting that a "hacking attack" on its website resulted in a successful intrusion - however, it maintained that no customer data has been compromised.

Loss Example Third party fraud Data breach Loss amount: Not Known Insured s industry: Banks Country: India Date: 2016 Description: The breach is thought to have been caused by malware on an ATM network A number of major Indian banks took safety measures amid fears that the security of more than 3.2 million debit cards has been compromised.

Loss Example Third party fraud Hacking Loss amount: No Insured s industry: Banks Country: India Date: Oct, 2016 Description: Axis Bank suffers cyber attack Upon information from an international network, Axis Bank team looked into the bank s servers, it found out that there was indeed an unauthorized login by an unnamed, offshore hacker.

Loss News in Asia

Loss News in Asia

Loss News in Asia

Loss News in Asia

Thanks Ram Garg DID: +65-6309 1158 Mobile: +65-8322 9962 E-mail: ram@jbboda.com.sg

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback