Cyber Risks & Cyber Insurance

Similar documents
Cyber Risks & Insurance

Cyber-Insurance: Fraud, Waste or Abuse?

CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY

ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them

Largest Risk for Public Pension Plans (Other Than Funding) Cybersecurity

Cyber Risk Mitigation

PRIVACY AND CYBER SECURITY

CYBER AND INFORMATION SECURITY COVERAGE APPLICATION


Your defence toolkit. How to combat the cyber threat

ACORD 834 (2014/12) - Cyber and Privacy Coverage Section

JAMES GRAY SPECIAL GUEST 6/7/2017. Underwriter, London UK Specialty Treaty Beazley Group

CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING

Cyber Liability Insurance. Data Security, Privacy and Multimedia Protection

Protecting Against the High Cost of Cyberfraud

At the Heart of Cyber Risk Mitigation

Cyber & Privacy Liability and Technology E&0

CYBER LIABILITY INSURANCE OVERVIEW FOR. Prepared by: Evan Taylor NFP

NZI LIABILITY CYBER. Are you protected?

Privacy and Data Breach Protection Modular application form

Cyber, Data Risk and Media Insurance Application form

The Wild West Meets the Future: Key Tips for Maximizing Your Cyber and Privacy Insurance Coverage

Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Cyber Risk Management

Cyber Risk Proposal Form

LIABILITY INTERRUPTION OF ACTIVITIES CYBER CRIMINALITY OWN DAMAGE AND COSTS OPTION: LEGAL ASSISTANCE

Cyber Security & Insurance Solution Karachi, Pakistan

Cyber Risk Insurance. Frequently Asked Questions

Cyber Liability Launch Event Moscow

We re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber

You ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017

IDENTITY THEFT COVERAGE ON INSURANCE POLICIES SPONSORED BY

BREACH MITIGATION EXPENSE COVERAGE

Data Breach Program Pricing Companies with revenues less than $1,000,000

A GUIDE TO CYBER RISKS COVER

Understanding Cyber Risk in the Dental Office. Melissa Moore Sanchez, CIC

Cyber breaches: are you prepared?

BREACH RESPONSE INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES

RIMS Cyber Presentation

Tech and Cyber Claims Services

BEAZLEY BREACH RESPONSE INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES SHORT FORM APPLICATION

What is a privacy breach / security breach?

Beazley Financial Institutions

Does the Applicant provide data processing, storage or hosting services to third parties? Yes No. Most Recent Twelve (12) months: (ending: / )

Evaluating Your Company s Data Protection & Recovery Plan

Cyber Risk & Insurance

Fraud and Cyber Insurance Discussion. Will Carlin Ashley Bauer

AXIS PRO PRIVASURE INSURA

Cyber Enhancement Endorsement

Cyber Liability Insurance for Sports Organizations

Cyber Insurance for Lawyers

2014 The Hartford Steam Boiler Inspection and Insurance Company. All rights reserved.

Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data

MANAGING DATA BREACH

STEPPING INTO THE A GUIDE TO CYBER AND DATA INSURANCE BREACH

2017 Cyber Security and Data Privacy Study

CYBER LIABILITY INSURANCE: CLAIMS ISSUES AND TRENDS THAT AUDITORS NEED TO KNOW

Cyber Liability & Data Breach Insurance Nikos Georgopoulos Oracle Security Executives Breakfast 23 April Cyber Risks Advisor

Insurance Requirement Provisions in Technology Contracts: Mitigating Risk, Maximizing Coverage

CYBER CLAIMS BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIMS & LEGAL GROUP

Cybersecurity Privacy and Network Security and Risk Mitigation

CYBER INSURANCE IN IF - with a touch of Casualty - August 18 th 2017 Kristine Birk Wagner

Personal Information Protection Act Breach Reporting Guide

Electronic Commerce and Cyber Risk

Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do

Cyber Incident Response When You Didn t Have a Plan

CYBER INSURANCE GUIDE

DEBUNKING MYTHS FOR CYBER INSURANCE

CyberRisk: What we know and what we don't know

An Overview of Cyber Insurance at AIG

BROKER-DEALER GUARD FIDELITY BOND

XL Eclipse 2.0 Renewal Application

ARE YOU HIP WITH HIPAA?

Cyber Security Liability:

INSURING CYBER RISKS WITH A CAPTIVE: IS IT WORTH IT?

Whitepaper: Cyber Liability Insurance Overview

Slide 1. Slide 2. Slide 3. Identity Theft Coverage. Today s Agenda. What is Identity Theft? What is Identity Theft?

FORM 14 BROKER-DEALER FIDELITY BOND

CYBERSECURITY AND PRIVACY: REDUCING YOUR COMPANY S LEGAL RISK. By: Andrew Serwin

SENIOR CARE CYBER-LIABILITY, CRISIS MANAGEMENT AND REPUTATIONAL HARM SUPPLEMENTAL APPLICATION

HIPAA PRIVACY AND SECURITY RULES APPLY TO YOU! ARE YOU COMPLYING? RHODE ISLAND INTERLOCAL TRUST LINN F. FREEDMAN, ESQ. JANUARY 29, 2015.

Chubb Cyber Enterprise Risk Management

Cyber Liability A New Must Have Coverage for Your Soccer Organization

Directors & Officers Insurance 101

Combined Liability Insurance for Financial Technology Companies Proposal Form

HOW TO INSURE CYBER RISKS? Oulu Industry Summit

DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY

APPLICATION FOR DATA BREACH AND PRIVACY LIABILITY, DATA BREACH LOSS TO INSURED AND ELECTRONIC MEDIA LIABILITY INSURANCE

FORM 14 BROKER-DEALER FIDELITY BOND New York

FM Global. First-Party Property Cyber Coverage

OLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE

HEALTHCARE INDUSTRY SESSION CYBER IND 011

Does the Applicant provide data processing, storage or hosting services to third parties? Yes No

Cyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby


APPLICATION for: TechGuard Liability Insurance Claims Made Basis. Underwritten by Underwriters at Lloyd s, London

Robinsue Frohboese Acting Director and Principal Deputy Director Office for Civil Rights United States Department of Health and Human Services

Crawford & Company (Canada) Inc. Cyber Loss Management Program

Add our expertise to yours Protection from the consequences of cyber risks

Protecting Yourself from Fraud including Identity Theft Advanced Level

Transcription:

Cyber Risks & Cyber Insurance Terry Quested Executive Director Associated Risk Managers of Ohio Darren Faye Vice President Leonard Insurance / Assured Partners

Legal Disclaimer The views, information and content expressed herein are those of the authors and presenters and do not necessarily represent the views of any insurance company, insurance broker or risk manager. This presentation is advisory in nature and necessarily general in content. No liability is assumed by reason of the information provided. Whether or not or to what extent a particular loss is covered depends on the facts and circumstances of the loss and the terms and conditions of an insurance policy as issued. The precise coverage afforded is subject to the terms and conditions of the policies as issued. The information provided should not be relied on as legal advice or a definitive statement of the law in any jurisdiction. For such advice, an applicant, insured, listener or reader should consult their own legal counsel. Slide 2

Today s Agenda Part One: Part Two: What Is Cyber Risk? Security Breaches & Privacy Part Three: Security Breaches & Theft of Funds Part Four: Security Breaches & Business Interruption Part Five: Part Six: Other Cyber Risks Concluding Thoughts Slide 3

Part I: What Is Cyber Risk - And, Cyber Insurance? Slide 4

Different Risks to Different People Retailer - Loss of Customer Information (e.g. credit card numbers) Bank - Loss of Customers Funds (e.g. cash from accounts) Electric Utility - Interruption of the system and loss of revenue. Slide 5

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption & Extra Expense. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 6

Part Two Slide 7

Slide 8

Slide 9

A Few Statistics Between January 10 th, 2005 and January 7th, 2015, there were 4,478 Data Breaches, allowing unauthorized access to 932,729,111 Records. Source: Privacy Rights Clearinghouse, Chronology of Data Breaches, February 2nd, 2015.

Data Breach Causes 2005-2014 Stationary Device 6% Unkown 3% Unintended Disclosure 18% Source: Privacy Rights Clearing House; www.privacyrights.org/databreach/new Portable Device 25% Physical Loss 8% Insider 13% Hacking or Malware 26% Payment Card Fraud 1% Slide 11

Dumps For Sale! Slide 12

What Is Data? Data when used in the context of a data breach generally means: A person s name in conjunction with: A Social Security Number; A Driver s License Number or State ID Number; A Financial Account Number, in conjunction with the security code, password or other mechanism needed to access the account; or Medical Information, when such information is not encrypted or redacted. But, different States may define it differently! Slide 13

State Breach Notification Statutes California was the first state to enact security breach notification legislation July 1, 2003 [SB 1386]. Currently, 46 additional states have enacted some type of security breach notification legislation, plus: The District of Columbia, Puerto Rico and the U.S. Virgin Islands. Slide 14

The Reach Of The Laws Slide 15

The Breach Response Cycle Breach Coach Consultation Forensic Analysis Breach Coach Consultation Notification Design & Mailing Public Relations Credit/Fraud Monitoring Call Center Operations Slide 16

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption & Extra Expense. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 17

Notification, If Not Done Correctly... May Invite Notification Litigation Slide 18

Slide 19

Litigation Various Types Civil Litigation Brought by affected natural persons, individually or as a class. Brought by affected organizations (e.g. banks) individually or as a class. Regulatory Actions Brought by: Federal Trade Commission; Other Federal or State Regulators (e.g. HHS) State Consumer Protection Departments; and/or State Attorneys General. Slide 20

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption & Extra Expense. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 21

Part Three Slide 22

Slide 23

Slide 24

Account Takeover - A significant and growing threat for banks and their BUSINESS CUSTOMERS. A. Crooks target small to medium size businesses. B. Utilizing increasingly sophisticated types of malware or phishing techniques they either take control of the victim s computer, or they obtain the victim s online banking information. C. Once they have control of the computer, or they have the necessary log-in information, they loot the victim s demand deposit account by sending wire or ACH instructions to the bank. Slide 25

Who s Responsible - The Business Customer... Or, the Bank? Slide 26

Alternative Policies May Apply For the Bank: Electronic Computer Crime Policy. For the Customer: Commercial Crime Policy. Slide 27

Part Four Slide 28

Slide 29

Principal Causes of E-Business Interruption Employee or someone with authorized access corrupts, deletes or destroys Data, or otherwise impairs the operation of the System. Hacker corrupts, deletes or destroys Data, or otherwise impairs the operation of the System. Distributed Denial of Service [DDoS] Attacks Slide 30

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption & Extra Expense. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 31

Part Five Slide 32

Slide 33

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 34

The hackers who stole millions of credit and debit card numbers from Target may have used a Pittsburgh-area heating and refrigeration business as the back door to get in. Fazio Mechanical Services Inc., a contractor that does business with Target, issued a statement Thursday saying it was the victim of a "sophisticated cyberattack operation," just like Target. It said it is cooperating with the Secret Service and Target to figure out what happened. Slide 35

Cyber Insurance Policies Expense Coverage Crisis Management Expense: Notification expenses, credit monitoring expenses; Related legal & forensic expenses. Business Interruption. Extortion. Vandalism. Liability Coverage Failure to keep data secure. Failure to keep network secure from malicious interruption. Intellectual property infringement. Libel/slander through on-line activities. Slide 36

Part Six Slide 37

What Do You Do? Slide 38

Incident Response Plans Critical for an effective and efficient response to an intrusion or data breach; Should be tested using tabletop exercises; and Should be updated to reflect any changes in the organization. Slide 39

And, Please Consider Insurance - Risk Identify Assess Control Transfer Slide 40

Are There Any - Slide 41

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback