Electronic Commerce and Cyber Risk

Transcription:

Electronic Commerce and Cyber Risk
Reality and Solutions
Fifth Third Bank All Rights Reserved

Objectives for Today

What I will cover
- How banks are changing
- How the public is changing
- How the laws are changing
- Future changes

What I hope you think about?
- Areas I need to think about for our Municipality
- Where do I have risk
- What are the ramifications of not making a change
- What are my stakeholders asking for?

Things that keep you up at night
- Not having a hard copy paper trail
- Credit Card Fraud
- Employee / internal Fraud
- Employee reaction to change
- Not enough staff to implement
- Board/Council Education and Understanding
- The Media

What should keep you up at night?
- What happens if my employee is robbed on the way to the bank?
- What happens if there is a large loss?
- How am I going to explain this to my Board?
- How am I going to explain this to the Public?
- How am I going to explain this to the Auditor?
- How am I going to explain this to the Judge?

Cyber Fraud Impacts Everyone

Credit Cards Merchant Processing
In Person, On the Web Site, or by Phone

Credit Card Pin/Chip Technology
- Help verify user identity and more securely authorize transactions through the use of a small computer chip in each card
- Can be used with traditional magnetic stripe readers to enable single-card use, no matter where purchases are made
- Provide a single-card solution for international and domestic purchases
- Biometric
- Provide a greater level of security and fraud protection wherever cardholders live, work, and travel

MasterCard Security Features

Phone Commerce
- Mobile App payment options (Mobile Wallets) have become readily available through the Apple, Android and Google marketplace.
- Customers experience the luxury of not carrying around their wallet, while maintaining the same convenience of using a credit card

Data Breaches have gone mainstream

2015 Data Breach Goes Mainstream

Major Headlines
- US Office of Personnel Management notifies 2.5MM individuals impacted by data breach.
- Hackers publish over 20GB of Ashley Madison data.
- Spike in ransomware attacks costs businesses $18MM.
- Corporate espionage group compromised system security at a string of major corporations.
- Nine suspects arrested for insider trading, suspects relied on hackers to steal commercially sensitive corporate information.

The Perpetrators
- Outsiders 72%
- Insiders 28%

Annual U.S. Commercial Losses by Event (Average Losses Over Three Years / Losses in Millions)
[Chart: Fire $2,600; other categories shown: Cyber Crime, Tornadoes, Securities Lawsuits; other values shown: $182, $525, $400]

Cyber Claims by the Numbers
- Median cost per breach response expense = $110,594; average cost for breach response services = $366,484
- Median cost for legal defense = $283,300; average cost for legal defense = $698,797
- Median cost for legal settlement = $150,000; average cost for legal settlement = $588,520
- Median number of records lost = 3,500; average number of records lost was 2.4 million
- Personally Identifiable Information was the most frequently exposed data
- Hackers were the most frequent cause of data loss, followed by employee mistakes
- Insiders were involved in 32% of claims submitted
Source: NetDiligence 2014 Claims Study. Survey of 2013 claims filed with major cyber insurers across all industries

Cyber policies are broad, and offer robust data breach response services

1st and 3rd Party Cyber Insurance Coverage

First Party Loss
- Breach Response Expenses
- Business Interruption
- Cyber Extortion
- Data Protection
- Fines & Penalties (Payment Card Industry and Regulatory)

Third Party Liability
- Privacy Liability (data security)
- Systems Security Liability (virus transmission, access issues, spam)
- Web Based Media Liability (libel, slander)
- Regulatory Actions (usually defense coverage only)

Beazley: Data Breach Response
1. Insured registers at www.nodatabreach.com
Insured suspects a data breach
2. Insured notifies Beazley claims office at bbrclaims@beazley.com
3. Beazley Breach Response (BBR) attorney contacts insured to assign legal counsel and forensic expert
4. BBR and insured determine if notification is required
5. Notification letters approved; call center services activated
6. Credit and identity monitoring services offered to notified individuals, along with identity theft resolution and fraud support services if they are indeed a victim
7. BBR updates insured throughout breach response process, until breach is fully and legally resolved
4/28/2016

The vast majority of businesses need Cyber Insurance

Does the prospect need Cyber Insurance?
- Does the business store sensitive financial or other data?
- How many individual records could be at risk?
- Does the business use credit/debit cards to perform transactions?
- How confident is the prospect in the IT platform security measures in place?
- Do employees use remote devices for work?
- Do service providers, vendors or other third parties have access to the company's sensitive information?
- Can business respond efficiently and effectively to a data or system breach?
- Can business afford the expenses associated with a data or system breach?
- Can business afford to forfeit the confidence and trust of customers, employees and other stakeholders if a data breach is mishandled?

A small company, with just 100 records breached, could have a $25k loss or more

2015 Verizon Data Breach Report Highlights
- In 2014, Ponemon Institute reported U.S. businesses paid an average cost of $5.4 million per data breach, close to $200 per record (costs include liability and breach response expenses combined)
- However, Verizon claimed that the Ponemon methodology was flawed, expecting the per record cost to be around $260.
- BOTTOM LINE: Small businesses can ill afford to pay liability and breach response expenses associated with a data breach. However, more importantly, small businesses CANNOT AFFORD TO FORFEIT THE CONFIDENCE AND TRUST OF CUSTOMERS, EMPLOYEES AND OTHER STAKEHOLDERS IF A BREACH RESPONSE IS MISHANDLED.
Source: 2015 Verizon Data Breach Investigations Report

Deposits the Electronic Way
Cash and Checks

Accounts Payable the Electronic Way
1. ACH
2. Wire
3. Credit Card
4. Automated Payables
5. Cell phone!

Why You Care..
- Choice Escrow and Land Title v. BancorpSouth Bank
- Cincinnati Insurance Company v. Wachovia Bank
The court ruled in favor of BancorpSouth Bank and Wachovia Bank in both court cases. Choice Escrow and Cincinnati Insurance were held responsible for check fraud, despite being the victim. The clients were offered Positive Pay services but declined, making them liable for any check fraud cases.

Positive Pay Check and ACH
What it is, what it does, what it costs

Check and ACH Positive Pay

"Positive Pay is the best product in 30 years to deal with the problem of forged, altered and counterfeit checks." -Frank W. Abagnale

- Preventative: Stops fraud before it happens
- Reduces / eliminates your liability, both personal and professional
- Ensures process / controls in place

Fraud Prevention Best Practices
- Protect stored data.
- Ensure that employees cannot override or circumvent security software.
- Implement a policy of updating operating system and security software on all computers, and assign someone the responsibility for seeing that this is done on a regular basis.
- Have controls! Checks and Balances
- Use tools available to minimize risk