A GUIDE TO CYBER RISKS COVER

Similar documents
Your defence toolkit. How to combat the cyber threat

Add our expertise to yours Protection from the consequences of cyber risks

Combined Liability Insurance for Financial Technology Companies Proposal Form

NZI LIABILITY CYBER. Are you protected?

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

Cyber breaches: are you prepared?

Insuring your online world, even when you re offline. Masterpiece Cyber Protection

PRIVACY AND CYBER SECURITY

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Cyber-Insurance: Fraud, Waste or Abuse?

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

HOW TO INSURE CYBER RISKS? Oulu Industry Summit

Cyber & Privacy Liability and Technology E&0

Cyber Risk Proposal Form

CYBER INSURANCE. Tel No: E Riley Road, Riley Road Office Park, Bedfordview, Gauteng, 2008

CYBER INSURANCE GUIDE

Professional Indemnity Insurance for Security Companies Proposal Form

Insurance policy SPECIMEN. Cyber and data risks.

How well do you really understand cyber risk?

Chubb Cyber Enterprise Risk Management

Case study. Malware mayhem. A targeted ransomware attack on a technology provider opens up a can of worms


STEPPING INTO THE BREACH A GUIDE TO CYBER AND DATA INSURANCE

Professional Indemnity and Cyber Insurance for Technology Companies Summary of cover

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

PAI Secure Program Guide

At the Heart of Cyber Risk Mitigation

Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity

Professional Indemnity Insurance for Accountants Proposal Form

Tech and Cyber Claims Services

Beazley Financial Institutions

CYBER AND INFORMATION SECURITY COVERAGE APPLICATION

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

DEBUNKING MYTHS FOR CYBER INSURANCE

Cyber Liability: New Exposures

Cyber Enhancement Endorsement

Professional Indemnity Insurance for Surveyors (and related professions) Proposal Form

DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY

australia Canada ireland israel united kingdom United states Rest of world cfcunderwriting.com

Professional Indemnity Insurance for the Designing and Consulting Department of Contractors Proposal Form

Cyber Risk Management

Privacy and Data Breach Protection Modular application form

CYBER RISK INSURANCE. Proposal Form

Cyber, Data Risk and Media Insurance Application form

Cyber Security Insurance Proposal Form

Cyber Liability A New Must Have Coverage for Your Soccer Organization

Data Breach Financial Protection Program Terms and Conditions

FM Global. First-Party Property Cyber Coverage

IndustryEdge for technology companies OUR KNOWLEDGE IS YOUR EDGE

Cyber Liability Insurance for Sports Organizations

Directors and Officers or Trustees Liability Section

DATA COMPROMISE COVERAGE FORM

By clicking in the appropriate box on the web page you are confirming that:

Cyber Risks & Insurance

APPLICATION FOR DATA BREACH AND PRIVACY LIABILITY, DATA BREACH LOSS TO INSURED AND ELECTRONIC MEDIA LIABILITY INSURANCE

Computer Cyber Insurance

COMMERCIAL CRIME PROTECTION INSURANCE Policy Summary

Cyber Insurance for Lawyers

Travelers CyberRisk Risks, responses and the reassurance we offer

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Charity and Community Insurance

Cyber Risk Insurance. Frequently Asked Questions

Cyber Security Liability:

Cyber Insurance I don t think it means what you think it means

What can be done to mitigate cyber risk?

Charity and Community Insurance Ireland

WELCOME TO FULL COVER AND DAMAGE COVER

Managing E-Commerce Risks

PROTECTING YOU FROM CYBER RISK FROM EVERY POSSIBLE ANGLE

Compute Managed Services Schedule to the Products and Services Agreement

APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Slide 1. Slide 2. Slide 3. Identity Theft Coverage. Today s Agenda. What is Identity Theft? What is Identity Theft?

Virus Protection and Personal Internet & Identity Theft Coverage Terms and Conditions

Online Banking Agreement

PROFESSIONAL INDEMNITY FOR MEDIA PROFESSIONALS. Policy summary

Media Protector for Publishers Proposal Form

Protecting Against the High Cost of Cyberfraud

Cybersecurity Privacy and Network Security and Risk Mitigation

Section / Nature of Change

QBE Cyber Insurance. Cyber and Data Security Insurance Policy

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do

SME. Trading SME Business Electronically with Zurich

Cyber Risks & Cyber Insurance

Cyber Liability Insurance

About these Terms and Conditions

Cyber a risk on the rise. Digitalization Conference Beirut, 4 May 2017 Fabian Willi, Cyber Risk Reinsurance Specialist

INFORMATION AND CYBER SECURITY POLICY V1.1

Compute Managed Services Schedule to the General Terms

Surprisingly, only 40 percent of small and medium-sized enterprises (SMEs) believe their

Cyber Risk Mitigation

CyberPro: Insurance, Risk Management and Breach Response Services

Bank Account. Terms and Conditions

Property business interruption Policy wording

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

my Identity Learning objectives

Terms and Conditions Cyber Enterprise Risk Management Insurance

Crawford Cyber Risk Services. A definitive solution for cyber-related events

Transcription:

A GUIDE TO CYBER RISKS COVER

Cyber risk the daily business threat to SMEs Cyber risks and data security breaches are a daily threat to everyday business. Less than 10% of UK companies have cyber insurance protection in place,* and the figure is lower for SMEs. These risks are only increasing in frequency. Those who ignore it are putting their business at risk. Simply put, any SME that relies on technology to conduct business is increasingly vulnerable to the immediate effects of a cyber attack or data security breach and its ability to recover. Standard insurance policies do not cover these risks. There is a growing need for SMEs to have appropriate insurance cover along with a suitable disaster recovery plan. *Source: UK Govt; UK Cyber Security The Role of Insurance Any business needs this insurance if they do any of the following: Hold sensitive customer information on its computers (e.g. names, addresses etc.) Have a website Take online transactions and are subject to a payment card industry (PCI) merchant services agreement Are reliant on computers to run its business Use email What are cyber risks? From computer hacking to the loss of data caused by human error, cyber risks take many forms. Cyber risk and data security breaches include: Computer Malware: Malicious software designed to cause damage to a standalone computer or a networked pc. This can be anything from viruses and worms to Trojans. Hacking: Accessing computers and networks to destroy data or maliciously harm the computer. Cyber theft: Stealing financial and / or personal information through a computer for fraudulent or illegal use. Extortion: An attack or threat of attack (e.g. system interruption; data theft) with a demand for money to avert or stop it. These often involve the use of so called Ransomware. Denial of service attack: Attacking from multiple IP addresses to make a machine or network resource unavailable to its intended users. (Think about it being similar to a group of people crowding the entry door or gate to a shop or business and not letting legitimate parties enter into the shop or business, disrupting normal operations). Human error / dishonesty: Loss or disclosure of sensitive personal and / or financial information either through accidental or malicious means. Infringement of intellectual property rights: Unintentional intellectual property infringement and other media cover as a result of website or social media content. Libel, slander or defamation: Defamation or slander conducted via the internet.

74% of small and medium-sized businesses reported that they had suffered an information security breach in 2015 Source: UK Govt; Information Security Breaches Survey 2015 Myth Interruption to business from a cyber attack or data security breach is covered by a standard insurance policy. Fact Standard business insurance will not cover these risks; Cyber Risks Cover will. What is Cyber Risks Cover? A complete insurance package that s easy to arrange, cost-effective and specifically designed for SMEs. Underwritten by industry specialists Markel, the policy includes 24/7 disaster recovery provided by RPC. The cover is split into two areas: For the business (first party or own loss): This specifically refers to the interruption to the company s own systems that causes the business loss. This can include the loss of net profit, cost to recover the data and systems, increased operational costs during the business interruption and the cost of notifying customers where there is a legal or regulatory requirement. Impact on other parties (third party liability): This is the liability the business has to a third party as a result of the loss of sensitive personal data stored on its network. Businesses need to protect this information to ensure it is not published or misused. Failure to do so could result in regulatory, civil or legal action. This part of the policy covers the costs of investigation into the system breaches as well as compensation and fines which could result from the breach. Key Facts It is a full insurance package underwritten by Markel s specialist cyber division; A 24/7 helpline means the business is just one call away from activating the disaster recovery service provided by RPC through Markel and making a claim; Premiums start from 150 per annum giving peace of mind at an affordable price; The policy covers first party as well as third party cover; Cover options range from 250,000 to 1,000,000. Bespoke covers and higher limits are also available. The policy excess varies depending on the business s turnover and cover level selected.

For small and medium-sized businesses the average cost of the worst security breaches is between 75,000 and 310,080 Source: UK Govt; Information Security Breaches Survey 2015 Myth Anti-virus software, firewalls and password protections are sufficient security. Fact These protection methods do not provide 100% security from cyber attacks and data security breaches. Source: UK Govt Cyber Security Myths Putting a Third of SME Revenue at Risk 2015

Summary of Cover Cyber Risks Cover provides the following protection for both the business (first party) and other parties impacted (third party) in the event of a cyber attack or data security breach. First Party Financial loss Following: Physical data breach (e.g. theft or misuse of data by an employee); Electronic data breach (e.g. computer virus or hack). Up to chosen limit Data security breach and mitigation costs A security audit of systems to establish the extent of the breach; Establishment of legal requirements and compliance with these (including customer notification and use of mitigation services for credit monitoring or identity theft); Notification to other parties where appropriate to reduce reputation damage. Up to chosen limit System and data rectification Business interruption Restoration and rebuild or replacement of the computer system following the virus, hack or service denial. To cover the following incurred during business interruption: Loss of net profit; Costs and expenses incurred; Additional operating costs (e.g. staff overtime). Up to chosen limit Up to 100,000 Extortion Costs To deal with threats or ongoing viruses, hacks or denial of service. This may include payment or mitigation of ransom (as agreed). Up to 50,000 Cyber Theft To cover unauthorised electronic funds transfer following a virus or hack. Up to 25,000 Telephone Phreaking To cover hacking that results in unauthorised call or bandwidth charges. Up to 25,000 Third Party Liability Damages and claimant costs Following: Network security incidents (e.g. Hack or Virus) - Insured s failure to prevent - Inability of Third Party to access the insured s computer system Up to chosen limit Electronic data breaches Physical data breaches (e.g. theft or misuse by employee) E-Media incidents (e.g. infringement of intellectual property rights In addition, there are a range of automatic extensions. These include court attendance compensation, employee indemnification, public relations service and regulatory investigations. Key Exclusions The following would not be covered by this policy: Events occurring before the start of the cover; Directors and Officers Liability; Dishonest fraudulent acts of the insured (other than physical data breaches or viruses or data breaches by an employee) Infrastructure failure e.g. electrical supply or internet service; Insufficient IT infrastructure capacity; Upstream disputes e.g. with the service provider over Intellectual Property Rights; War and terrorism (Unless in the context of a hacking incident or use of a computer virus) Virtual currencies e.g. Bitcoin.

SMEs put a third (32%) of their revenue at risk because they are falling for some of the common misconceptions around cyber security. Source: UK Govt Cyber Security Myths Putting a Third of SME Revenue at Risk 2015 Myth SMEs are too small to target; it s only large companies at risk Fact Small businesses are at a bigger risk than ever because they typically hold far more data than the average customer but often don t have additional preventative measures to protect themselves. 24/7 HELPLINE In the event of an attack or to make a claim The minute there is an issue it is essential that the business acts quickly and effectively. One call will activate the ReSecure emergency breach response service provided by RPC. ReSecure provides accesses to a multi-disciplined task force offering data breach management, technical forensic investigation, legal advice, notification, web and credit monitoring as well as public relations. They will also handle the claims process, taking this time-consuming aspect off your hands. RPC ReSecure gives access to the following experts: RPC Whose Data Protection Team has a broad range of experience in advising businesses on the collection, misuse of personal data and on the management of data security incidents. Storm Guidance Specialist cyber risk and cyber incident consultants who provide experienced incident operations coordination, risk analysis advice and advice in relation to the cleaning of compromised systems and restoration to operational readiness. LGC Leading digital forensic consultants, whose investigation and data interrogation skills assist to identify the cause of the data breach, the data compromised, and the data recovery options, while protecting and preserving any forensic evidence for later analysis. Experian Market leading providers of internet and credit monitoring services and associated call centre response services. Mattison Public Relations Experts in corporate communications and crisis management.

Myth All cyber insurance policies cover first and third party costs. Fact Only some cyber insurance policies, such as Cyber Risks Cover, will cover third party costs. In the last twelve months, three fifths (57%) of business have sought information, advice or guidance on the cyber security threats facing their organisations. Source: UK Govt: Cyber Security Breaches Survey 2016 Example claim scenarios Data breach: A potential buyer of a company loses an encrypted memory stick containing personal and sensitive data of over 5,000 employees including address and details. The Information Commissioner s Office (ICO) imposes a fine and significant costs are incurred to the company. Our cover: Together with RPC, our cover will help the firm to engage expert data risks or protection lawyers, liaise with the ICO and informed affected employees. Denial of service: An estate agent experiences a denial of service attack on its IT systems. This is operationally damaging for the company and has the potential to impact its brand reputation. Our cover: Together with RPC, our cover will help the firm recover the systems and pay for PR specialists to mitigate reputational damages. We will also cover the business for loss of income while the website is down, beyond the first 24 hours. Computer hack: A computer engineer employed to update the computer system for a sheet metal company is fired for incompetence. When the company refuses to pay him, he hacks into its system and deletes its files. This costs the company over 70,000 to rectify the damage. Our cover: Our policy will cover the costs incurred to repair the damage caused to the computer system finding, replacing or restoring computer records. Ransomware attack: An insurance broker receives messages threatening encryption and deletion of their data by cyber criminals. The broker s IT specialists are unable to determine the source of the hack or use data backups to resolve the threat. Our cover: The cost of IT forensic specialists to investigate the attack, protect the data and restore systems is covered under the policy.

To find out more To discuss this insurance class or for further details, contact your insurance broker Cyber Risks Cover is arranged and administered by specialist scheme provider P J Hayman & Company Limited who are authorised and regulated by the Financial Conduct Authority. Financial Service Register No. 497103. Registered Office: Stansted House, Rowlands Castle, Hampshire PO9 6DX. Registered in England No. 2534965. Cyber Risks Cover is underwritten by Markel International Insurance Company Limited. Registered in England and Wales. Registered Number. 0966670 Registered office: 20 Fenchurch Street, London, EC3M 3AZ. Markel International Insurance Company Limited is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and Prudential Regulation Authority. Financial Services Register No. 202570

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback