Crawford Cyber Risk Services. A definitive solution for cyber-related events

Similar documents
Crawford & Company. Total Property Solution

Crawford & Company (Canada) Inc. Cyber Loss Management Program

Cyber & Privacy Liability and Technology E&0

Crawford & Company (Canada) Inc. Cyber Loss Management Program

At the Heart of Cyber Risk Mitigation

A GUIDE TO CYBER RISKS COVER

FM Global. First-Party Property Cyber Coverage


Cyber breaches: are you prepared?

HOW TO INSURE CYBER RISKS? Oulu Industry Summit

NZI LIABILITY CYBER. Are you protected?

Add our expertise to yours Protection from the consequences of cyber risks

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

Your defence toolkit. How to combat the cyber threat

Cyber Security Liability:

An Overview of Cyber Insurance at AIG

Insuring your online world, even when you re offline. Masterpiece Cyber Protection

Cyber Enhancement Endorsement

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

Cyber Risk Insurance. Frequently Asked Questions

The golden rules of captive claims management for global corporate companies

Cyber Security & Insurance Solution Karachi, Pakistan

Crawford & Company (Canada) Inc. Crawford s Transportation & Cargo Service Solution

Chubb Cyber Enterprise Risk Management

Cyber Risk & Insurance

Cyber Risks & Insurance

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

A FRAMEWORK FOR MANAGING CYBER RISK APRIL 2015

Streamline and integrate your claims processing

Healthcare Data Breaches: Handle with Care.

T A B L E of C O N T E N T S

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

IT Risk in Credit Unions - Thematic Review Findings

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Protecting Against the High Cost of Cyberfraud

Alternative Investments Advisory Services. kpmg.com

Cyber Liability Launch Event Moscow

Cyber a risk on the rise. Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist

Cyber Risk Mitigation

red24 Special Risks - Kidnap for Ransom and Extortion Mitigation

Surprisingly, only 40 percent of small and medium-sized enterprises (SMEs) believe their

DEBUNKING MYTHS FOR CYBER INSURANCE

Cyber Liability Insurance for Sports Organizations

PRIVATE CAPITAL ADVISORY SERVICES EXPERTS WITH IMPACT TM

Beazley Financial Institutions

CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY

Cyber-Insurance: Fraud, Waste or Abuse?

CYBER INSURANCE IN IF - with a touch of Casualty - August 18 th 2017 Kristine Birk Wagner

Allianz Global Corporate & Specialty Pacific. Allianz Cyber Protect Premium

INTERNATIONAL ASSOCIATION OF INSURANCE SUPERVISORS

The Internet of Everything: Building Cyber Resilience in a Connected World

When The Wind Blows: Renewable Energy Risk Management Strategies

PRIVACY AND CYBER SECURITY

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

Guidewire ClaimCenter. Adapt and succeed

2015 EMEA Cyber Impact Report

Bank of America Merrill Lynch Future of Financials Conference 2018

Overview. With the property & casualty solution from TCS BaNCS, your insurance firm can gain from:

Cybersecurity Insurance: New Risks and New Challenges

Cyber Insurance I don t think it means what you think it means

Sizing the Standalone Commercial Cyber Insurance Market

Forensic Accounting, Litigation Support and Advisory Services for Law Firms

CYBER AND INFORMATION SECURITY COVERAGE APPLICATION

INFORMATION AND CYBER SECURITY POLICY V1.1

Risk Management Policy and Framework

Electronic Commerce and Cyber Risk

Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity

Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do

Risks and uncertainties facing the business

THE GENERAL DATA PROTECTION REGULATION

Solving Cyber Risk. Security Metrics and Insurance. Jason Christopher March 2017

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Investment Objective The ARK Web x.0 ETF s ( Fund ) investment objective is long-term growth of capital.

DATA COMPROMISE COVERAGE FORM

Privacy and Data Breach Protection Modular application form

Commercial Insurance >

Data Breach Program Pricing Companies with revenues less than $1,000,000

Key risks and mitigations

Cybersecurity Privacy and Network Security and Risk Mitigation

Commercial Insurance >

Cyber, Data Risk and Media Insurance Application form

ConSept: Policy Highlights: Other Coverage Features

CYBER INSURANCE. Tel No: E Riley Road, Riley Road Office Park, Bedfordview, Gauteng, 2008

Cyber Liability: New Exposures

Cyber insurance: The next frontier. Cyber insurance the next frontier

Vaco Cyber Security Panel

Cyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April Cyber Risks Advisor

H 7789 S T A T E O F R H O D E I S L A N D

DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY

The working roundtable was conducted through two interdisciplinary panel sessions:

2014 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved.

Cyber Liability A New Must Have Coverage for Your Soccer Organization

Evaluating Your Company s Data Protection & Recovery Plan

Cyber Risk Proposal Form

Client Risk Solutions Going beyond insurance. Risk solutions for Real Estate. Start

FRAMEWORK FOR CONSUMER PRIVACY LEGISLATION

Healthcare Industry Key Issues kkk

Transcription:

Crawford Cyber Risk Services A definitive solution for cyber-related events

CYBER-RELATED EVENTS An Increasing Threat Companies in all industries face an increasing threat of a cyber attack and cyber-related events. The event itself and those responsible for it continue to vary in levels of threat and sophistication, but whether from a hobbyist, criminal or terrorist group, the threat is real. As cyber-related events evolve, so does cyber insurance coverage to provide protection for damage caused by human error, malicious attacks, cyber sabotage/extortion, fraud and other unauthorized access to sensitive information. Traditional liability products were originally designed to protect businesses against thirdparty claims for bodily injury and property damage; these types of policies are increasingly subject to exclusions as new exposures emerge. As we understand it today, cyber exposures are largely intangible which makes determining the cause and coverage of cyber risk a significant challenge. Whether or not you choose to purchase separate cyber liability coverage the exposure still exists. Crawford can help you manage this difficult, evolving risk. Criminals/Terrorists Hobbyists 1995 First MS Word based virus 2001 Code red worm attacks White House 2005 Poison Ivy trojan takes control of PCs 2008 Koobface virus spread via social networking sites 2010 Industrial control threat - Stuxnet 2011 First Sony Playstation breach 2012 Heartbleed bug affects billions of users 2013 Target retail breached 2014 Second Sony breach 2015 Substantially heightened awareness by Risk Managers

IT MEGATRENDS Mobile Landscape The increased adoption of mobile platforms is leading to an increasing trend of targeted cybercrimes; this is particularly pertinent to the android system due to its open source nature and app distribution model. NAVIGATING A CHANGING DIGITAL LANDSCAPE The increasing need for cyber coverage stems not only from deliberate acts, but also from the changing landscape of the digital world. From data breaches, intentional or otherwise, to the fines incurred from such breaches, mitigation of these losses are increasingly tricky. Loss of Personal Data/Breach Data can be lost or compromised accidentally for example, by employee negligence, loss of hardware and devices, or network process errors. It can also be lost through intentional system attacks, such as viruses/malware, deliberate staff interference, or hacking. Exposure can be controlled, in part, by taking precautionary measures examples include: monitoring of network and email traffic, controlling data transfer via removable media and installing dynamic virus/malware protection. Organizations must also hold inhouse IT and communications teams accountable for network activity, and strictly control user and administrative privileges. Incurred Fines Significant fines can be incurred for loss of data or breaches allowing access to personal data, the parameters of which are interpreted in varying ways. In the European Union, it is defined as any information relating to an identified or identifiable natural person. Further, certain types of personal data are deemed Special Categories, as their processing would have heightened impact on an individual s privacy. In the United Kingdom, for example, this is data revealing information such as racial/ethnic origins, health data, offenses or court proceedings. In the United States, personally identifiable information includes categories such as a person s first name, middle initial, last name, physical address, contact information and/or financial information. Fines can also be imposed for permanent data loss related to personal data, examples include: costs to the business for notifying data subjects of the loss, purchasing third-party data recovery expertise, and staff to manually recreate lost data. Cyber Security Plan While cyber risks to brand and reputation face all corporations, these risks are especially acute for publicly-traded companies. According to a recent Reuter s article 1 less than half of company boards have the necessary skills to manage the rising threat of cyber-attacks. With four of five respondents, a survey of global investors further suggested they might blacklist businesses that have been hacked. Crawford understands the critical need for a corporation to secure all proper partners in its cyber security plan (insurance, incident manager, legal professionals, and public relations firms). This crucial element also further demonstrates to institutional and non-institutional investors that your corporation s cyber threat is effectively managed. Crawford s Cyber Risk Services addresses this need with the Crawford Incident Manager, an end-to-end solution for Corporations and Insurance Carriers during a cyber event. Bring Your Own Device (BYOD) Revolution Continued Cloud Hacker Groups and Hacktivism High-Profile Data Cybercrime Economy As more and more personal devices are used in the corporate space, ensuring security of data becomes even more challenging. We will see a higher frequency of severity losses (>USD 50M). The increasing use of cloud solutions, particularly the public cloud and on-demand services, means that there is an increased risk of high aggregation losses (both in respect of lost data, fines and penalties and loss of revenues). Advanced online groups will continue to penetrate systems for political reasons or personal gain. As more success is achieved there will be further incidents. Companies that hold sensitive data will be particularly at risk. We are seeing an increasing trend in high profile catastrophe losses through malware infection and hacking. These events result in highly complex losses which are difficult to understand and mitigate. There is a concerning trend regarding the development of cybercrime resources and services under a black economy. This means potentially anyone can have access to cutting-edge hacking tools and know-how to aid criminal activities. 1 Sinead Cruise. (Wed Apr 15, 2015). Company executives poorly placed to handle rising cyber risk: KPMG survey [Reuters.com article] Retrieved from http://www.reuters.com/article/2015/04/15/us-kpmg-cyberpoll-iduskbn0n616f20150415

CRAWFORD CYBER RISK SERVICES An End-to-End Solution for Corporations and Insurance Carriers Every business has the goal to prevent cyber threats before a breach of a network or loss of data occurs but in the event that a threat occurs, having a plan in place is vital. Crawford has the tools to help manage events effectively and minimize the impact on your business or your customer s business. Whatever the event, however complex, wherever in the world, Crawford can have experts on the ground, on the phone, and online instantaneously. Our Cyber End-to-End Solution Model Crawford is the reliable resource needed to ensure that your cyber-related event is handled instantly by the proper experts. IT Forensic CRAWFORD INCIDENT MANAGER The Crawford Incident Manager solution provides a single, end-to-end turnkey solution. Our three core services (First Notice of Loss [FNOL], Public Notifications and Forensic Accounting) are complemented by key strategic partnerships. For more than 70 years, Crawford has been establishing relationships with leading cyber industry specialists. These specialists are contracted to Crawford and available on a 24/7 basis. Each specialist has successfully completed a rigorous due diligence process to confirm their suitability for the role. From regulatory notifications to public relations, we have the capabilities to handle every aspect of a cyber-related event/incident. As the go-to incident manager, the entire event response is seamlessly managed from FNOL to resolution, including benefits such as: Guaranteed crisis management response Global capability Single FNOL center with 200 language capability Specially selected, trained and accredited incident managers Contracted specialists, available 24/7 and preeminent in their fields Our core services are: 1. FNOL 2. Public Notifications 3. Forensic Accounting Forensic Accounting Legal First Notification of Loss CRAWFORD INCIDENT MANAGER Cyber Extortion 1. FNOL The FNOL call sets the tone for the entire claim experience regardless of the type of event. This is especially true during a cyber-related event when details are often vague, losses are likely complicated and the atmosphere is frenetic. As with any 24/7/365 days a year operation, staffing, training and accurate claims intake are challenging for any organization. More and more businesses are realizing the benefits of outsourcing FNOL operations to experienced specialists. Our comprehensive call center follows a regulated process to ensure that even the most complicated claims are handled in the timeliest manner with clearly set goals for each hour and with the highest expertise in cyber-related events. Public Notifications incl. Call Center Public Relations FNOL 5 HOURS 24 HOURS 48 HOURS Regulatory Notifications FNOL 5 HOURS 24 HOURS 48 HOURS Identity Protection 24/7/365 notification Incident Manager appointed First response to Insured Appoint specialists Triage calls with stakeholders Commence investigations Immediate mitigations Policy coverage reviewed Clear action plan emerges Investigations well underway Initial indications emerging Immediate mitigations continuing Regular updates to stakeholders Initial investigations concluding Regular updates to stakeholders continuing Policy coverage view emerging Immediate mitigation work maturing Clear solution plans emerging Blue indicates services performed directly by Crawford. Gray indicates services performed directly by strategic partnerships.

2. Public Notifications Whether a cyber-related event affects one or a million customers, an efficient scalable solution is the best way to protect brand integrity and restore confidence, whether insurance coverage is available or not. Social media enables a cyberrelated event to get quickly out of hand. The ability to access the right resources to respond to a cyber-related event is a unique ability of Crawford. Our goal is to be an extension of our clients customer relations/legal department and provide scalable resources to match the size of the communications needed to respond to customers. Customer intake services Event cause investigation Individual claim investigation and resolution Subrogation demand preparation and support services Loss funding, check issuance and data services Local contact and legislative landscape Report capabilities Customer Intake Services Our web intake service captures the nature of the inquiry directly from the customer. We then have the ability to respond directly to the customer complaint via automated email response, live Help Desk and proactive outreach services. These services can be provided on an overflow or primary basis depending on the needs of the client. Event Cause Investigation We can work with our client and third parties to determine: 1) the source of issue, 2) location and timeframe when customer was affected, 3) pool of potential claimants and 4) likely impact on customers. Individual Claim Investigation and Resolution We enable our clients to work in a positive environment for the customer impacted by an event. We will work to confirm claim details and if valid, reimburse claimants for reasonable costs or damages resulting from the event. Any claims that cannot be confirmed as valid will be denied. Subrogation Demand Preparation and Support Services Should the event source be a third party, we can assist our client with preparing a demand package to recover payments and expenses as an additional support service. Loss Funding, Check Issuance and Data Services We can provide administrative support for an event by providing check issuance services from an account funded by our clients. Additionally, we can provide our standard claim data file for the event that can be consolidated into our clients RMIS system as needed. Local Contact and Legislative Landscape Due to its global nature, cyber-related events can affect all companies in all markets. Crawford Cyber Risk Services provides solutions through an expansive global network serving clients in more than 70 countries. Report Capabilities We can provide and deploy reporting systems that are as simple or as complex as you need. From a simple report on cyber-related events that can be analyzed at the data field level to more complex reports that provide detailed costs and analytics, Crawford s Risk Management Information System offers different levels of applications giving you unprecedented levels of customization. 3. Forensic Accounting Services Cyber-related event claims often come with large volumes of data amounts that can be overwhelming for most claim departments. Crawford Forensic Accounting Services (CFAS) has the resources, expertise and experience to handle large volumes of data and provide immediate assistance in developing claims mitigation and settlement strategies. CFAS offers the market a single solution to meet the financial claims needs of clients, regardless of location. Services Advanced loss of profits/delayed start-up Arbitration and litigation support Bankers bond Business interruption Contingent business interruption Credit guarantee Benefits High-caliber specialist adjusters with an extremely differentiated skill set, possessing strong commercial knowledge, combined with a deep forensic insight Ability to work seamlessly with our full team of adjusters to provide immediate assistance in developing claims mitigation and settlement strategies Outcome-driven focus on fast and effective resolution, reducing claims management and legal costs Leverages the strength of Crawford s global footprint and organizational infrastructure Unparalleled customer service experience Other Services Fidelity guarantee Financial liability Fraud Malicious product tampering and extortion Mediation support IT Forensic Legal Regulatory Notifications Identity Protection Public Relations Cyber Extortion

LOSS MANAGEMENT AND TECHNICAL CLAIM ADJUSTING GTS Cyber Risk Group For major insurance claim events, the risk and insurance community needs a team of experts with experience and industry focus to evaluate and assess damages under extreme conditions. Crawford GTS has the largest, most experienced team of strategic loss managers and technical adjusters in the world. We cover virtually every industry and every geographical region. With more nominated senior technical adjusters than any other independent adjusting resource, we have relationships spanning the insurance industry and with many corporations in the Fortune 1000. Our teams are run by senior insurance professionals who bring skills much broader than claims adjusting. We marshal every resource to minimize the inevitable disruption of business as usual. Our technical adjusting staff function as strategic loss managers, and we offer the security and confidence that every aspect of large losses will be planned, organized and executed at the highest levels of industry, technical and regulatory standards. The Crawford GTS Cyber Risk Group has experience and expertise in claims focused on: First-party information and communication technology equipment losses Outsourcing information and communication technology services (e.g. cloud, web services) including privacy policies Data transmission, corruption, loss and recovery Secure methods of data disposal and deletion of sensitive data Software, software licensing and the inherent problems associated with bespoke software Firewall failures, antivirus protection and virus transmission Electronic and mobile commerce CRAWFORD CYBER RISK SERVICES provides the very best expertise and with the most developed global network of specialists backed by the largest independent claim organization.

For more information on how Crawford can help you with your cyber-related event, please call 404.300.1284 or email us at solutions@us.crawco.com www.crawfordandcompany.com GCG The Crawford Solution TM The most comprehensive global solution for claims administration Powered by Crawford iq TM NYSE: CRD-A, CRD-B Crawford & Company 1001 Summit Blvd Atlanta GA 30319 800-241-2541 CRAW-CYBERNOTBRO-0416-TC CRAWFORD, the CRAWFORD Globe logo, CRAWFORD & COMPANY, THE CRAWFORD SOLUTION ȚM THE CRAWFORD SOLUTION logo ȚM BROADSPIRE, the BROADSPIRE Globe logo ȚM CONTRACTOR CONNECTION, CRAWFORD CONTRACTOR CONNECTION, CRAWFORD GLOBAL TECHNICAL SERVICES, CRAWFORD GTS, GLOBAL TECHNICAL SERVICES ȚM GTS ȚM the GTS CRAWFORD GLOBAL TECHNICAL SERVICES logo, RISK SCIENCES GROUP and RSG are trademarks or registered trademarks of Crawford & Company or its affiliates in the U.S. and/or other countries. Foreign trademark registrations may also protect these trademarks. The foregoing is a non-exhaustive list of Crawford s trademarks and service marks.

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback