Fraud and Cyber Insurance Discussion. Will Carlin, Ashley Bauer

Why is it Important to Remain Vigilant?
- Fraud does not discriminate: it occurs everywhere, and no organization is immune.
- The changing business environment: with greater convenience and increased payment channels comes greater risk (mobile banking, remote deposit capture, etc.).
- Fraud tactics are becoming more sophisticated every day.
- Fraudsters are reliant on the actions of their targets.
- Fraud is ubiquitous in today's business environment, and the threat continues to grow.

Traditional and Evolving Exposures
- Credit Card Processing
- Sensitive Data Storage
- Lost or Stolen Devices
- Improper Disposal or Information Access
- Malicious or Accidental Employee Actions
- Virus Transmission
- Phishing Attacks
- Business Email Compromise
- Vendor Activities
- Ransomware

What is Phishing?
Phishing attacks are typically perpetrated through emails that appear to be sent from a legitimate source. Through deception, recipients of these emails are directed to click on links that send them to websites designed to obtain sensitive information or install malicious software onto their device.

Phishing Email Traits
1. Spelling and bad grammar: Cybercriminals are not known for their grammar or spelling. If you notice mistakes in an email, it may be malicious.
2. Malicious link: Phishing emails will almost always contain a bad link that will either install malware or take you to a malicious website.
3. Call-to-action: Many phishing campaigns will use pressure tactics to push victims into clicking on malicious links and/or giving up sensitive information.
4. Posing as a recognizable organization: Posing as large, easily recognizable companies allows cybercriminals to net a wider population of victims.

Sample phishing email shown on the slide (the misspellings are the sender's):
From: facebook.alert@f.book.cd.com
To: Victim
Subject: Important Facebook Notification [Action Required]
Hello, As part of our security measures, we regularly screen activity in the Facebook system. We recently contacted you after noticing an issue on your account. Our system detected unusual Copyrights activity linked to your Facebook account, please follow the link bellow to fill the Copyright Law form: http://www.facebook.com/application_form Note: If you don't fill the application your account will be permanently blocked. Regards, Facebook Copyrights Department.

Spear Phishing
Unlike standard phishing attempts, which are typically sent at random to a wide audience, spear phishing is a more focused attack directed at a specific individual or organization. The perpetrator will send an email from what appears to be a trusted source (friend, colleague, vendor, etc.) requesting that the recipient click on a bad link, initiate a monetary payment, or divulge sensitive information. In a spear phishing attack, the perpetrator leverages information they have obtained on the target to make the correspondence appear more legitimate. This is often the first step in a masquerading scheme.

Masquerading Scheme
In a masquerading scheme (also referred to as BEC, Business Email Compromise) a fraudster poses as a firm's CEO/executive or business partner, using a compromised email account or an email account that appears near identical, to facilitate financial crimes. Masquerading as the legitimate party, the fraudster will send an email to an employee of the target company requesting that a transaction (typically a wire transfer) be executed to a fraudulent beneficiary.

Masquerading - Example Scenario
1. The fraudster uses spear phishing tactics to compromise the email of a company's CEO.
2. Access to the CEO's email is acquired, and the fraudster reviews all available info (calendar, email history, language/signature/templates used, who executes monetary transactions, etc.).
3. A payment request is sent to an employee at the target company from an email account created by the fraudster that mirrors or closely resembles the CEO's email account.
4. The employee confirms the request via email with the fraudster, who they believe to be the CEO.
5. The employee, believing the request to be legitimate, initiates the fraudulent payment.

Masquerading - Red Flags
- The email contains several spelling and grammatical errors and/or language not typically used by the alleged sender.
- It includes a reason that the sender cannot be reached directly (e.g., "in an important meeting for the remainder of the day"). Many times, fraudsters will review the calendar of the individual they are posing as and time their attacks during scheduled vacation, all-day meetings, etc.
- It includes a set of circumstances that necessitate expedient action in sending funds.
- Failure to execute the requested transaction in a timely fashion will often result in multiple follow-up emails.
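The phishing traits and masquerading red flags above can be turned into a first-pass triage check on inbound mail. The script below is an added example and is not part of the presentation; it assumes a constructed company domain (example-corp.com), a one-entry internal directory, a small trusted-brand table, and two constructed sample messages (a look-alike-domain "CEO" request and a benign note) alongside the Facebook sample from the slide. It flags a brand name in the sender or subject that does not match the sending domain (trait 4), a colleague's name on an unknown address or a domain a character or two away from our own (the masquerading scenario), links to hosts outside the trusted set (trait 2), and pressure wording combined with payment instructions (trait 3 and the red flags).

```python
"""Heuristic triage of phishing traits and masquerading red flags.
Added example; not from the presentation. The company domain, directory,
trusted-brand table and the non-Facebook sample messages are constructed."""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed environment (constructed for this example)
COMPANY_DOMAIN = "example-corp.com"
DIRECTORY = {"jane doe": "jane.doe@example-corp.com"}                # internal senders
TRUSTED_BRANDS = {"facebook": {"facebook.com", "facebookmail.com"}}  # brand -> legit domains
PRESSURE = ("action required", "permanently blocked", "immediately", "urgent",
            "cannot be reached", "in a meeting", "today")
PAYMENT = ("wire", "routing number", "account number", "beneficiary", "transfer")


def levenshtein(a, b):
    """Edit distance; used to spot near-identical look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def analyze(raw_message):
    """Return a list of human-readable findings for one RFC 822 message."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    subject = msg.get("Subject", "")
    body = msg.get_payload()
    header_text = f"{name} {subject}".lower()
    full_text = f"{header_text} {body}".lower()
    findings = []

    # Trait 4: claims to be a well-known organization but is sent from an unrelated domain
    for brand, legit in TRUSTED_BRANDS.items():
        if brand in header_text and domain not in legit:
            findings.append(f"claims to be {brand} but was sent from {domain}")

    # Masquerading: a colleague's name on an address the directory does not know,
    # or a sender domain one or two characters away from our own
    if name.lower() in DIRECTORY and addr.lower() != DIRECTORY[name.lower()]:
        findings.append(f"display name '{name}' does not match the directory address")
    if domain != COMPANY_DOMAIN and 0 < levenshtein(domain, COMPANY_DOMAIN) <= 2:
        findings.append(f"sender domain {domain} is a look-alike of {COMPANY_DOMAIN}")

    # Trait 2: links whose host is neither ours nor a trusted brand domain
    allowed = {COMPANY_DOMAIN}.union(*TRUSTED_BRANDS.values())
    for url in re.findall(r"https?://[^\s<>\"]+", body):
        host = (urlparse(url).hostname or "").lower()
        if not any(host == d or host.endswith("." + d) for d in allowed):
            findings.append(f"link to untrusted host {host}")

    # Trait 3 and the red flags: pressure to act now, plus a request to move money
    hits = [p for p in PRESSURE if p in full_text]
    if hits:
        findings.append("pressure language: " + ", ".join(hits))
    if any(p in full_text for p in PAYMENT):
        findings.append("requests a payment or a change to payment details")
    return findings


# Sample from the slide; the From/To/Subject lines are laid out as an RFC 822 message.
FACEBOOK_SAMPLE = """\
From: "Facebook Copyrights Department" <facebook.alert@f.book.cd.com>
To: victim@example-corp.com
Subject: Important Facebook Notification [Action Required]

Hello, As part of our security measures, we regularly screen activity in the
Facebook system. Our system detected unusual Copyrights activity linked to your
Facebook account, please follow the link bellow to fill the Copyright Law form:
http://www.facebook.com/application_form
Note: If you don't fill the application your account will be permanently blocked.
"""

# Constructed masquerading sample: look-alike domain (digit 1 for the letter l)
BEC_SAMPLE = """\
From: "Jane Doe" <jane.doe@examp1e-corp.com>
To: payments@example-corp.com
Subject: Quick favor

I am in meetings for the rest of the day and cannot be reached by phone.
Please wire the attached invoice to the new beneficiary details below today
and confirm by email once it is done.
"""

# Constructed benign sample from the real internal address
BENIGN_SAMPLE = """\
From: "Jane Doe" <jane.doe@example-corp.com>
To: payments@example-corp.com
Subject: Friday lunch

Are you free for lunch on Friday? The cafe on Main Street has reopened.
"""

if __name__ == "__main__":
    for label, sample in (("facebook", FACEBOOK_SAMPLE), ("bec", BEC_SAMPLE), ("benign", BENIGN_SAMPLE)):
        print(label, analyze(sample) or ["no findings"])
```

The checks are deliberately simple string and edit-distance rules so that each finding maps back to one trait on the slide; a mail gateway would add header authentication results (SPF/DKIM/DMARC) and resolve the real link targets, which a plain-text body does not expose.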

Ransomware
Ransomware is a form of malware that restricts the target from using their device or retrieving their files until a ransom is paid. Normal functionality will not be restored by the perpetrator unless an untraceable fee is paid (instructions provided) within a designated period of time. In many cases, ransomware encrypts any files it can access, and the fraudster is the only one holding the key that can successfully decrypt them. If the payment is made in the allotted period of time, the fraudster claims that they will decrypt the affected files. Some ransomware demands can appear to come from legitimate entities (e.g., the FBI).

Man-in-the-Middle Attack
At the highest level, a man-in-the-middle attack is a scenario where a fraudster covertly intercepts and relays messages between two parties who believe that they are communicating directly with each other. This tactic can be used to redirect targets to spoofed login pages and steal their login credentials or other sensitive information.
1. The target (whose device has previously been infected with malware) attempts to access the online banking website, but is redirected to a cosmetically identical website controlled by the fraudster.
2. The target enters login credentials, which are intercepted by the fraudster and used to log into the legitimate online banking website.
3. If the fraudster requires any further credentials, they can be obtained by deceiving the target into entering them into the spoofed login page.
4. Once access is successfully gained, the fraudster initiates unauthorized transactions.

What Does a Hacker Want with Your PC?
- Web server: phishing site, malware download site, warez/piracy server, child pornography server, spam site
- Bot activity: spam zombie, DDoS extortion zombie, click fraud zombie, anonymous proxy, CAPTCHA solving zombie
- Email attacks: webmail spam, stranded abroad scams, harvesting email contacts, harvesting associated accounts, access to corporate email
- Virtual goods: online gaming characters, online gaming goods/currency, PC game license keys, operating system license key
- Account credentials: eBay/PayPal fake auctions, online gaming credentials, web site FTP credentials, Skype/VoIP credentials, client-side encryption certs
- Financial credentials: bank account data, credit card data, stock trading account, mutual fund/401K account
- Reputation hijacking: Facebook, Twitter, LinkedIn, Google+, client-side encryption services
- Hostage attacks: fake antivirus, ransomware, email account ransom, webcam image extortion

Small Businesses at Risk?
- 49% of claims were made by companies with revenue less than $50MM in 2016.
- 25% were made by companies with revenue between $50MM and $300MM in 2016.
- Many executives believe that they haven't been a victim of a cyber-attack: around 35% say they have not had a data breach in the last 12 months (1).
- It is possible that an intrusion may have happened but has not yet been discovered. On average, hackers can remain undetected in systems for almost 150 days, and over half of companies are notified that they have been compromised by an external party (2).
(1) Ponemon Institute
(2) Mandiant Consulting

2016 Statistics
- According to a review by IBM Security, the quantity of ransomware-infected emails expanded 6,000 percent as compared to 2015.
- According to the same study, 70 percent of business victims paid the hackers to get their data back. Of those who paid, 50 percent paid more than $10,000 and 20 percent paid more than $40,000 (1).
- Ransomware was in almost 40 percent of all spam messages in 2016.
- Evidenced by ransomware-related Bitcoin wallets, cybercriminals took in $1 billion in 2016 (2).
(1) https://finance.yahoo.com/news/ransomware-spiked-6-000-2016-110000366.html
(2) http://www.csoonline.com/article/3154714/security/ransomware-took-in-1-billion-in-2016-improved-defenses-may-not-be-enough-to-stem-the-tide.html

First Party Coverage Options
Typical coverage components will cover costs the insured incurs for:
- Breach Response/Crisis Management Coverage: responds to a network or privacy breach. Coverage includes breach notification, public relations, forensic consultants, and credit monitoring costs.
- Cyber Extortion or Loss Coverage: responds to a threat by a third party to commit a network security or privacy breach.
- Business Interruption / Extra Expense Loss Coverage: responds to loss of income resulting from a network security breach or a network attack, and to extra expenses incurred to restore the network to its original condition.
- Data Restoration Coverage: responds to the cost to restore data destroyed or altered as a result of a network security breach.

Third Party Liability Coverage Options
Components will cover claim expenses and damages the insured is legally obligated to pay as a result of the following:
- Network Security Liability: provides coverage for claims made against the Insured for a Network Security Breach or Failure for which the Insured is legally liable.
- Privacy Liability: provides coverage for claims made against the Insured for a Privacy Breach of PII, PHI or Corporate Confidential Information for which the Insured is legally liable.
- Regulatory Coverage: provides coverage for actions or proceedings and fines/penalties against the Insured by a regulatory agency resulting from a violation of a Privacy Law.
- Website Media / Multimedia: provides coverage for claims made against the Insured for a Media Peril of content on the Insured's Internet Site, or may cover general Media Perils.
- Professional Liability: provides coverage for acts, errors or omissions in the rendering of, or failure to render, professional services to a client of the Insured.

Fraud Insurance Tools
Highlighted below are insurance tools to assist in fraud management.
- Cyber Liability (typically a separate policy): Coverage for damages when private, personal and financial information is compromised due to a data breach or network intrusion. While not all cyber policies are the same, typical coverage includes incident management, regulatory defense, business interruption and extra expense, network extortion, digital assets, privacy liability, network security liability, and internet media liability.
- Computer Fraud (part of a Crime Policy): Coverage for the theft of money, securities, or property by using a computer to transfer covered property from the insured's premises or bank to another person or place.
- Funds Transfer Fraud (part of a Crime Policy): Coverage for the erroneous transferring of funds to or from a financial account of the insured based upon instructions fraudulently transmitted by a non-employee.
- Business Email Compromise/Masquerading (added by endorsement to either Cyber or Crime): Coverage for criminals deceptively gaining the confidence of an employee to induce him or her to voluntarily part with money or securities.

Executive Liability Insurance
- Directors & Officers Liability: Directors and Officers can be made liable for the decisions they make on behalf of the organization. An organization's indemnification may be unable to protect them, leaving their personal assets at stake! Note: Many D&O policies now include cyber exclusions.
- Employment Practices Liability: Coverage that protects against liability resulting from harassment, discrimination, wrongful termination, or failure to hire an applicant or employee; typically amended to include coverage for third parties (customers, vendors).
- Fiduciary Liability: Coverage designed to address the personal liability exposure created by the Employee Retirement Income Security Act (ERISA) in 1974. Fiduciary Liability Policies cover claims for loss to a plan as the result of a Wrongful Act by a fiduciary.
- Crime: Protects against theft or forgery of money, securities, or other tangible property.

Average Cost of Cyber Claim Services*

                                  2013        2014        2015        2016
Average cost of crisis services   $365,000    $366,484    $499,710    $357,000
Average cost of defense           $258,000    $698,797    $434,354    $129,515
Average cost of settlement        $88,000     $558,520    $880,839    $814,700

*2014, 2015, 2016 NetDiligence Cyber Claims Study

2016 Incidents by Cause of Loss (bar chart, source: 2016 NetDiligence Cyber Claims Study; ten bars with counts 47, 37, 22, 20, 16, 13, 12, 10, 4 and 1, whose cause-of-loss labels did not survive transcription)

Average Days to Identify and Contain Data Breach by Industry (chart)

Cost per Day for BCM and DR (chart)

Cost of Data Breach per Record (chart)

Factors Influencing Data Breach Cost (chart, source: 2017 Ponemon Institute Cost of a Data Breach)

Tips to Defend Against Fraud
- Update your operating systems, browser and software patches to ensure you're running the most up-to-date technology.
- Establish a secure firewall and install/maintain antivirus solutions.
- Require dual approval on monetary transactions, as well as administrative changes.
- Consider using a dedicated PC for online banking, or separate PCs for the initiator and approver.
- Set up strong passwords and avoid password repetition across multiple sites/applications.
- Be cautious when using public wifi and consider utilizing a VPN (virtual private network) to protect your network traffic.

Tips to Defend Against Fraud (continued)
- Be aware of and utilize your bank's security measures. Huntington's Business Security Suite: ACH Positive Pay, Check Block, Check Positive Pay, Reverse Positive Pay.
- Review online users and their profiles periodically.
- Verify routing and account numbers over the phone for any new or modified payment instructions.
- Educate employees about common fraud schemes (PhishMe).
- Take a measured approach to personal information shared online.
- Purchase an insurance policy to cover losses if the above precautions fail.
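Two of the tips above, dual approval on monetary transactions and phone verification of any new or modified routing/account numbers, are controls a payments system can enforce rather than leave to memory. The model below is an added example, not the presentation's or Huntington's own code; it assumes a constructed vendor master (one vendor with a phone number captured at onboarding), constructed user names, and a constructed pair of requests. A request whose beneficiary is new or whose routing/account numbers differ from the record is held until someone other than the initiator calls the number already on file (never a number supplied in the email) and the vendor confirms; every release also requires an approver who is not the initiator.

```python
"""Change control for outgoing payments: dual approval on every transaction plus an
out-of-band callback whenever a beneficiary is new or its routing/account numbers
changed. Added example, not from the presentation; the vendor master, users and
requests are constructed."""
from dataclasses import dataclass
from typing import Optional
import itertools


@dataclass(frozen=True)
class Beneficiary:
    name: str
    routing: str
    account: str
    verified_phone: str  # captured at vendor onboarding, never taken from a payment email


@dataclass
class PaymentRequest:
    rid: int
    initiator: str
    beneficiary: Beneficiary
    amount: float
    reason: str = ""                  # why a callback is required; empty if not
    callback_by: Optional[str] = None
    approved_by: Optional[str] = None
    status: str = "pending"           # pending -> released, or callback_required -> pending/rejected


class PaymentControl:
    def __init__(self, vendor_master):
        self.master = {b.name: b for b in vendor_master}
        self.requests = {}
        self._ids = itertools.count(1)

    def submit(self, initiator, beneficiary, amount):
        """Compare the requested details with the vendor master; any difference holds
        the request until someone other than the initiator verifies it by phone."""
        on_file = self.master.get(beneficiary.name)
        if on_file is None:
            reason = "new beneficiary"
        elif (on_file.routing, on_file.account) != (beneficiary.routing, beneficiary.account):
            reason = "routing/account changed"
        else:
            reason = ""
        req = PaymentRequest(next(self._ids), initiator, beneficiary, amount, reason)
        if reason:
            req.status = "callback_required"
        self.requests[req.rid] = req
        return req

    def record_callback(self, rid, verifier, phone_dialed, vendor_confirmed):
        req = self.requests[rid]
        if req.status != "callback_required":
            raise ValueError("no callback outstanding for this request")
        if verifier == req.initiator:
            raise PermissionError("callback must be made by someone other than the initiator")
        on_file = self.master.get(req.beneficiary.name)
        # Known vendor: only the number already on file counts. New vendor: the number must
        # have come from onboarding paperwork, not from the request email.
        expected = on_file.verified_phone if on_file else req.beneficiary.verified_phone
        if phone_dialed != expected:
            raise ValueError("callback must use the number on file, not one supplied with the request")
        req.callback_by = verifier
        req.status = "pending" if vendor_confirmed else "rejected"
        return req

    def approve(self, rid, approver):
        req = self.requests[rid]
        if req.status != "pending":
            raise PermissionError(f"request is {req.status}; it cannot be approved")
        if approver == req.initiator:
            raise PermissionError("dual approval: approver must differ from the initiator")
        req.approved_by = approver
        req.status = "released"
        self.master[req.beneficiary.name] = req.beneficiary  # a verified change becomes the record
        return req


def scenario():
    """Run one legitimate payment and one altered payment instruction through the
    control. Returns (log of (step, outcome) pairs, the control object)."""
    acme = Beneficiary("Acme Supplies", "021000021", "123456789", "+1-555-0100")
    ctl = PaymentControl([acme])
    log = []

    def step(label, action):
        try:
            action()
            log.append((label, "ok"))
        except (PermissionError, ValueError) as err:
            log.append((label, f"blocked: {err}"))

    r1 = ctl.submit("alice", acme, 1200.00)  # details match the master
    step("r1 self-approval", lambda: ctl.approve(r1.rid, "alice"))
    step("r1 second approver", lambda: ctl.approve(r1.rid, "bob"))

    # Same vendor name, new account number, and a "call me on" number supplied in the email
    altered = Beneficiary("Acme Supplies", "021000021", "999999999", "+1-555-0199")
    r2 = ctl.submit("alice", altered, 48500.00)
    step("r2 approve without callback", lambda: ctl.approve(r2.rid, "bob"))
    step("r2 callback to number from email", lambda: ctl.record_callback(r2.rid, "bob", "+1-555-0199", True))
    step("r2 callback by initiator", lambda: ctl.record_callback(r2.rid, "alice", "+1-555-0100", True))
    step("r2 vendor denies change", lambda: ctl.record_callback(r2.rid, "bob", "+1-555-0100", False))
    step("r2 second approver", lambda: ctl.approve(r2.rid, "bob"))
    return log, ctl


if __name__ == "__main__":
    for label, outcome in scenario()[0]:
        print(f"{label:38} {outcome}")
```

The point of keeping the vendor's phone number in the master record is that the control cannot be satisfied by whatever contact details arrive with the request; in the scenario, the altered request is held at every step until the vendor, reached on the number on file, denies the change, and the stored account number is left untouched.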

Takeaways
- Cyber is an operational risk for every business.
- The regulatory environment will continue to evolve.
- Each cyber insurance policy is different; check exclusions.
- Developing coverages: capacity is available.
- Losses will push pricing pressure upward.


Member FDIC