CYBER LIABILITY INSURANCE: CLAIMS ISSUES AND TRENDS THAT AUDITORS NEED TO KNOW

Similar documents
Cyber Insurance I don t think it means what you think it means

Protecting Against the High Cost of Cyberfraud

CYBER LIABILITY REINSURANCE SOLUTIONS

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

Cyber Risk Management

Surprisingly, only 40 percent of small and medium-sized enterprises (SMEs) believe their

PRIVACY AND CYBER SECURITY

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

Your defence toolkit. How to combat the cyber threat

Cyber Risk Mitigation

Insuring your online world, even when you re offline. Masterpiece Cyber Protection

Cyber Incident Response When You Didn t Have a Plan

Electronic Commerce and Cyber Risk

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

Cyber Insurance for Lawyers

Cyber Risks & Cyber Insurance

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

Cyber Security & Insurance Solution Karachi, Pakistan

DEBUNKING MYTHS FOR CYBER INSURANCE

Cyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby

Evaluating Your Company s Data Protection & Recovery Plan

CYBER INSURANCE IN IF - with a touch of Casualty - August 18 th 2017 Kristine Birk Wagner

CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY

Cyber-Insurance: Fraud, Waste or Abuse?

Cyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April Cyber Risks Advisor

Cyber Risks & Insurance

An Overview of Cyber Insurance at AIG

2014 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved.

Vaco Cyber Security Panel

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

Cyber & Privacy Liability and Technology E&0

IDENTITY THEFT COVERAGE ON INSURANCE POLICIES SPONSORED BY

Sizing the Standalone Commercial Cyber Insurance Market

Fraud and Cyber Insurance Discussion. Will Carlin Ashley Bauer

Manufacturing and Wholesale

Cyber Liability Launch Event Moscow

What is a privacy breach / security breach?

RIMS Cyber Presentation

Healthcare Data Breaches: Handle with Care.

MEASURING & PRICING THE COST DRIVERS OF A CYBER SECURITY RISK EVENT

Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do

CYBER CLAIMS BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIMS & LEGAL GROUP

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

Cyber Enhancement Endorsement

To renew the County s General Insurance Program for 2018 and consider some optional coverage for increased protection.

Aon Cyber Risk and Directors & Officers Forum CRM011

Why CISOs Should Embrace Their Cyber Insurer

NZI LIABILITY CYBER. Are you protected?

Small business, big risk: Lack of cyber insurance is a serious threat

Cyber breaches: are you prepared?

Cyber Risk Insurance. Frequently Asked Questions

How to mitigate risks, liabilities and costs of data breach of health information by third parties

Trends in Cyber-Insurance Coverage to Meet Insureds Needs

ACTIVE SHOOTER COVERAGE:

At the Heart of Cyber Risk Mitigation

CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING

TECHNOLOGY ERRORS & OMISSIONS MARKET SURVEY 2019

Cyber Liability Insurance for Sports Organizations

Cyber Liability State of the Insurance Market & Risk Update Sept 8, ISACA North Texas

MEMORANDUM. Health Care Information Privacy The HIPAA Regulations What Has Changed and What You Need to Know

Trends, Vendor Management, and Practical Tips For In House Counsel. ACC National Capital Region October 16, 2018

MANAGING DATA BREACH

2017 Cyber Security and Data Privacy Study

Personal Information Protection Act Breach Reporting Guide

Cyber Risk Proposal Form

A GUIDE TO CYBER RISKS COVER

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

HEALTHCARE BREACH TRIAGE

Add our expertise to yours Protection from the consequences of cyber risks

Determining Whether You Are a Business Associate

Cyber COPE. Transforming Cyber Underwriting by Russ Cohen

Port Jefferson Union Free School District. Annual Risk Assessment Update Pertaining to the Internal Controls Of District Operations.

Cyber a risk on the rise. Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist

Sara Robben, Statistical Advisor National Association of Insurance Commissioners

Building a Program to Manage the Vendor Management Lifecycle

A FRAMEWORK FOR MANAGING CYBER RISK APRIL 2015

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

HIPAA AND YOU 2017 G E R A L D E MELTZER, MD MSHA

Mitigating the Existential Data Breach Risk A Complimentary LexisNexis Webinar March 12, 2014

Will the Real Cyber Solution Please Stand Up?

This article has been published in PLI Current: The Journal of PLI Press, Vol. 2, No. 2, Spring 2018 ( 2018 Practising Law Institute),

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Tech and Cyber Claims Services

PRIVACY: BRIDGING THE GAP BETWEEN THIRD PARTY/VENDOR RISK MANAGEMENT AND CYBER RESILIENCY. Annmarie Giblin, Esq. Thursday, April 21, 2016

Crawford & Company (Canada) Inc. Cyber Loss Management Program

Summary of Coverage Diocesan Property & Casualty Program

A Review of Actual Fraud Cases in 2017 FRAUD REVIEW

Risk Associated with Meetings

Crawford & Company (Canada) Inc. Cyber Loss Management Program

Solving Cyber Risk. Security Metrics and Insurance. Jason Christopher March 2017

WORTH THE RISK? Highlights from the Chubb 2013 Private Company Risk Survey

CYBER INSURANCE GUIDE

Cyber Exposures: The Importance of Risk Identification and Transfer. Presented By: Joe Weipert

2015 Latin America Cyber Impact Report

HEALTHCARE INDUSTRY SESSION CYBER IND 011

We re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber

Take It or Leave It: Pitfalls and Challenges of IT Contracts Thursday, May 4, 2017 General Session; 9:00 10:30 a.m.

State of Card Fraud: 2018

Insurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage

A broker guide to selling cyber insurance. CyberEdge Sales Playbook

Transcription:

CYBER LIABILITY INSURANCE: CLAIMS ISSUES AND TRENDS THAT AUDITORS NEED TO KNOW INSURANCE RISK MANAGEMENT EMPLOYEE BENEFITS Presented by: Douglas R. Jones, CPCU, ARM, Senior Vice President, Principal www.rhsb.com www.techassure.org

Today s Discussion Deeper understanding of cyber insurance coverage and claims Understand future trends and issues impacting cyber insurance Practical steps to secure favorable coverage at lower total cost of risk 2

2014 NetDiligence Claim Study Business Sector 3

2015 NetDiligence Claim Study Business Sector 4

2015 NetDiligence Claim Study Business Sector 5

Breach Notification Costs the Real Numbers Cost per Record (Total=$201) 6

2014 NetDiligence Claim Study Total Claim Costs 7

2015 NetDiligence Claim Study Total Claim Costs 8

2014 NetDiligence Claim Study Crisis Service Costs 9

2015 NetDiligence Claim Study Crisis Service Costs 10

Maricopa County Community College 2.5 million records lost Costs $9.3M legal fees $7.5M security consulting and repair $7.0M notification and credit monitoring $2.2M records management, public relations, photocopying, etc. 11

2015 NetDiligence Claim Study Total Costs Data Type 12

2015 NetDiligence Claim Study Total Costs Cause of Loss 13

Spear Phishing Losses 14

Types of Events Over Time 15

Industry Composition 16

Industry Composition over Time 17

More Small Companies Targeted According to the Identity Theft Resource Center (ITRC), nearly 800 data breaches were publicly reported in 2015, representing over 169 million records Many on breach list were small or midsize including: Sole-proprietor Certified Public Accountants Dry Cleaning companies Car wash businesses Sporting and recreational goods manufacturers Food courts Gift shops 18

Types of Data Lost 19

2014 NetDiligence Claim Study Third-Party Breaches 20

2015 NetDiligence Claim Study Third-Party Breaches 21

Ransomware Attacks 22

Practical Steps To Lower Your Total Cost of Risk Knowledge of market and coverage Develop a risk profile Have a process 23

Navigating Cyber Insurance Understand the market Coverage is still evolving Terms are not consistent Demand and capacity Understand the product 1 st and 3 rd Party coverages Varying applications and sublimits Interaction with other coverages E&O, Crime, D&O, GL Additional resources 24

Cost Variation: Example of carrier benefits Breach of approximately 50,000 records, including social security numbers Two years of credit monitoring services provided to victims Insured's Vendor Cost Carrier Vendor Cost Savings Legal Assistance with Notification Letters $24,190 $10,000 $14,190 Print/Mail Letters $63,551 $56,341 $7,209 Call Center Services $118,642 $66,852 $51,790 Credit Monitoring Services * $34,199.80 - $683,996 $15,864.85 - $317,297 $18,334.95 - $336,698 Totals $240,583 - $890,379 $149,058 - $450,490 $91,524 - $409,887 25

Breach Response Resources 26

Insurance Applications Insurance applications are awful, but provide opportunity to demonstrate that you thought through exposures Don t stress about the perfect application Supplement with separate risk profile 27

Develop a Risk Profile Demonstrate a commitment to risk management from senior leadership Incident response plan should be formalized and tested Security review and analysis by third party Manage contractual liability exposures Insurance, Indemnifications, Limitations of Liability Third party vendor evaluation Cloud providers and data holders 28

Develop a Risk Profile Controls and Procedures Limit access to electronic information only as needed Encryption whenever possible, esp. mobile devices Review physical security procedures Privacy policy in place, monitored for compliance, updated Sharing of customer information with any 3rd parties International privacy rules Include policy on Social Media 29

Have a Process Include Senior Mgt IT, Legal, Risk Mgt, Finance Evaluation of carriers and coverages Use exposure based risk assessment Prioritize coverage features and map quotes against priorities Limit Determination Benchmarking Breach Calculators Review claims & trends Review data and aggregation 30

Limit Selection Breach Calculators 31

Limit Selection Peer Benchmarking 32

Navigating the Claims Process Your information network will be compromised Immediate response is key, but the claims process will take time Many involve both 1 st and 3 rd party losses Multiple 1st party breach responses Computer Forensics Legal Consultation Breach Notification Credit Monitoring Public Relations Class action litigation 33

Douglas R. Jones, CPCU, ARM Senior Vice President & Principal djones@rhsb.com 972-744-2743 www.rhsb.com / www.techassure.org 34

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback