Cyber Liability Insurance: It May Surprise You

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyber Liability Insurance: It May Surprise You"

Transcription

1 Cyber Liability Insurance: It May Surprise You Moderator Eugene Montgomery, President & CEO Community Financial Insurance Center Panelists Antonio Trotta, Senior Claim Counsel, CNA Specialty William Heinbokel, Fidelity Product Leader, CNA Pro Charles Higham, VP, Diversified Financial Group - Zurich Barbara Ewing, VP, CUO, Fidelity & Mgmt. Liab. Berkley FinSecure Lisa Micciche, Product Manager, ABA Insurance Services

2 Regulations Affecting Banks Regulation Requirements Consequences Graham-Leach Bliley Payment Card Industry Data Security Standards (In the Works) NY Contractual Regs for Vendors Must assure the security and confidentiality of customer records and information 12 Separate security requirements in transmission and storage of data. Will place required cybersecurity regulations on vendor contracts that involve PII US attorney general action, penalties up to $100,000 for each violation, D&O liability up to $10,000 per violation. Criminal Penalties Fines up to $500,000, loss of business.???

3 Guidance Affecting Banks Institution/Agency Federal Financial Institutions Examination Counsel (FFIEC) FDIC FFIEC Summary Authentication systems for internet banking should be multifaceted and require something a user: a) knows, b) has, and c) is. Instituting and expanding employee training on risks of spy/malware. Dedication of software, controls and policies to prevent loss from same. Each institution is expected to monitor web traffic, have and activate response plan in the event of DDoS, and staff appropriately during attack.

4 Common Themes in Regulatory and Industry Guidance Guidance and Rules need to account for the Resources of the Operation. YET, critical and sensitive information needs to be given priority protection. Risk Assessments are usually the First Step. Cybersecurity protocols must be scaleable, adaptable and reviewed on a consistent basis. Crisis response plans and drilling are essential components. Employee Education and Vendor Security are critical.

5 Cyber/Privacy Coverage Under Errors & Omissions Network Security Privacy Injury Privacy Event Expenses Privacy Regulation Fines

6 Hack, Employee Negligence, Employee Theft (Rogue), Vendor Negligence/Misconduct The Perfect Storm Consumer Complaints Contract Claims Attorney Reviews, Forensics, Notice Costs, Business Interruption, Extortion DATA BREACH DATA BREACH Regulatory Investigations, Proceedings and Fines

7 Privacy Event Expense Reimbursement First Party Coverage for: Reasonable and necessary fees, costs and expenses in connection with a Privacy Event (failure of hardware or software designed to protect information on Insured s Network, or of business policies to prevent wrongful disclosure of third party trade secrets, NPI or NCI). Some forms impose time requirements to incur expenses.

8 Privacy Event Expense Reimbursement Includes forensics, attorney reviews, costs of notices, call centers and public relations firms. Usually does not include cost to remediate security (patches, new software/equipment) Expense Coverage: Two Types Voluntary (best coverage) Limited to required Security Breach Notice Laws.

9 Coverage for Third Party Claims Resulting from Cyber Events Forms generally cover lawsuits and demands involving a defined Privacy Injury or Network Security compromise

10 Coverage for Third Party Claims Resulting from Cyber Events Privacy Injury usually defined as unauthorized disclosure of Nonpublic Corporate Information or Nonpublic Personal Information. Some forms include inability to access such information as additional coverage. Network Security includes DDoS; Unauthorized Access; destruction, deletion or alteration of information on a Network; Network Interruption; Transmission of viruses

11 Coverage for Regulatory Actions Many forms provide coverage for Regulatory Actions from any governmental agency involving a Privacy Breach or failure to comply with Security Breach Notice Laws. Very Limited Coverage for Investigations. Forms that provide such coverage also usually provide coverage for the Fines involved in such actions, but may require a separate retention for such fines.

12 Electronic Theft Covers Disbursement or transfer of the Insured s Money, Securities, or Intangible Property to a person or entity not authorized to receive them. Money must exist in electronic format, and includes cash, notes, negotiable instruments and records of credit. Securities means negotiable and non-negotiable instruments, and their digital equivalents Intangible Property usually defined by Endorsement.

13 Extortion Covers payments necessary to protect Insured and/or pay ransom for credible threats of loss or damage to the Network, Confidential Information, Money, Securities, Intangible Property or defacement of Insured s website.

14 Common Exclusions Bodily Injury, although most forms provide carve back for emotional distress and mental anguish arising from a Privacy Injury. Deliberate Acts. Many forms provide carve back for Rogue Employees. Natural Catastrophe/Mechanical Breakdown Unsolicited Communications (Spam/TCPA) Power failure caused by third parties causing service interruptions. Governmental Actions (the NSA exclusion )

15 Case Study Miami Bank, May 2014 Discovered in May, 2014 from a review of network logs. The Bank retained 3 different forensic firms in succession. Third firm finally had the expertise to identify and deal with the issue. Trojan Horse carried through phishing attack compromised 72,500 account numbers, names, SS#s but no passwords. Required PR firm, corrective action and notification to 14 different Ags. Total Costs over 500,000, not including reputational damage.

16 Fidelity Bond Coverage For Cyber and Computer Related Losses Computer Crime Coverage is offered to Financial Institutions in two ways: Computer Fraud/Wire Transfer Riders added to the FI Bond Stand alone Computer Crime Policy Over-simplification of Computer Crime coverage afforded by Bonds in general: If the bond has a specified verification/authentication procedure, and that procedure is in fact followed, but the loss nonetheless occurs, then the bond pays for the loss.

17 Computer Systems Fraud Rider Additional Insuring Agreement for Loss resulting directly from: (1) entry of Electronic Data or Computer Program into, or (2) change of Electronic Data or Computer Program within any Computer System operated by the Insured, that causes: (i) Property to be transferred, paid or delivered, (ii) an account of the Insured, or of its customer, to be added, deleted, debited or credited, or (iii) an unauthorized account or a fictitious account to be debited or credited. o

18 Telefacsimile Transfer Fraud Loss resulting directly from the Insured having, in good faith, transferred or delivered Funds, Certificated Securities or Uncertificated Securities through a Computer System covered under the terms of the Computer System Fraud Insuring Agreement in reliance upon a fraudulent instruction received through a Telefacsimile Device, and which instruction 1. purports and reasonably appears to have originated from: (a) (b) (c) a Customer of the Insured, another financial institution, or another office of the Insured but, in fact, was not originated by the Customer or entity whose identification it bears and 2. contains a valid test code which proves to have been used by a person who was not authorized to make use of it and, 3. contains the name of a person authorized to initiate such transfer; and provided that, if the transfer was in excess of $ XXXXXX, instruction was verified by a call-back according to a prearranged procedure. In this Insuring Clause, Customer means an entity or individual which has a written agreement with the Insured authorizing the Insured to rely on Telefacsimile Device instructions to initiate transfers and has provided the Insured with the names of persons authorized to initiate such transfers, and with which the Insured has established an instruction verification mechanism, and Funds means money on deposit in an account.

19 Computer Crime Policy For Financial Institutions Includes Coverage For: COMPUTER SYSTEMS FRAUD VOICE INITIATED TRANSFER FRAUD TELEFACSIMILE TRANSFER FRAUD TRANSFER FRAUD DESTRUCTION OF DATA OR PROGRAMS BY HACKER DESTRUCTION OF DATA OR PROGRAMS BY VIRUS VOICE COMPUTER SYSTEMS FRAUD

20 Funds Transfer Insuring Agreements The Voice Initiated Transfer, Telefacsimile Transfer, and the Transfer Insuring Agreements provide coverage for: Transferring paying or delivering funds or property from a customers account through a Computer System in reliance upon a fraudulent instruction (Voice, Telefacsimile, ) that was purportedly and reasonably appears to have originated from: A customer of the insured An employee of the Insured in another office of the Insured Typical Conditions Precedent for Coverage: Call back to the customer according to a prearranged procedure The Insured followed a commercially reasonable security procedure set forth in a written funds transfer agreement.

21 Funds Transfer Insuring Agreements What are Commercial Reasonable Security Procedures? Article 4A of the Uniform Commercial Code 4A-201. SECURITY PROCEDURE. "Security procedure" means a procedure established by agreement of a customer and a receiving bank for the purpose of (i) verifying that a payment order or communication amending or cancelling a payment order is that of the customer, or (ii) detecting error in the transmission or the content of the payment order or communication. A security procedure may require the use of algorithms or other codes, identifying words or numbers, encryption, callback procedures, or similar security devices. Comparison of a signature on a payment order or communication with an authorized specimen signature of the customer is not by itself a security Federal Financial Institution Examination Council (FFIEC) standards FDIC Authentication Guidance Examples: Call Back, Out of Band Authentication Passwords, Personal Identification Numbers (PIN), Public Key Infrastructure (PKI) Tokens Biometric Identifier

22 Key Exclusions Mechanical Failure of Computer System Potential Income o Interest and dividends o Unrealized gains Indirect Loss or Consequential Loss o Loss of investment opportunity, o Increases in market share o Legal settlements with third parties Loss of Intangible Property o Customer Information o Trade Secrets Contractual Liability

23 Claim Scenarios: Wire transfers requested via vs. voice initiated vs. online banking access. Claims involving ATMs skimming devices. Claims arising from underlying lawsuits and demands for Court Costs and Attorneys fees. Claims where Claims Expense Coverage is sought. Claims covered under 2 policies if other insurance clause can t be asserted.

24 ???QUESTIONS???

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Cyber and data Policy wording

Cyber and data Policy wording Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and

More information

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited Tools Conference Toronto November 26, 2014 Insurance for NFP s Presented by Paul Spark HUB International HKMB Limited Topics Insurance Policies Basics Directors and Officers Liability Insurance Commercial

More information

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY.

THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. NETWORK SECURITY ENDORSEMENT INTEGRATED TECH CLAIMS MADE CLAIM EXPENSES INCLUDED WITHIN THE LIMITS OF INSURANCE This endorsement modifies

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Understanding the Business Risk

Understanding the Business Risk AAPA Cybersecurity Seminar Andaz Savannah Hotel March 11, 2015 10:30 am Noon Understanding the Business Risk Presenter: Joshua Gold, Esq. (212) 278-1886 jgold@andersonkill.com Disclaimer The views expressed

More information

(1) Commercial Crime Insurance or Employee Fidelity Bond

(1) Commercial Crime Insurance or Employee Fidelity Bond INSURANCE (A) GENERAL CONSIDERATIONS This document presents the minimum insurance requirements as set forth by the United States Trustee Program (USTP). A standing trustee must purchase property insurance

More information

COMPUTER CRIME POLICY FOR FINANCIAL INSTITUTIONS Edition of December, 1993

COMPUTER CRIME POLICY FOR FINANCIAL INSTITUTIONS Edition of December, 1993 DECLARATIONS COMPUTER CRIME POLICY FOR FINANCIAL INSTITUTIONS Edition of December, 1993 BOND NO. Westchester Fire Insurance Company (Herein called Company) Item 1. Name of Insured (herein called Insured):

More information

Cyber and CGL Insurance Coverage for Data Breach Claims

Cyber and CGL Insurance Coverage for Data Breach Claims Cyber and CGL Insurance Coverage for Data Breach Claims Paula Weseman Theisen, Partner Data breach overview Definition of data breach/types Data breach costs Data breach legal claims and damages Cyber-insurance

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP

More information

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a

More information

Insuring Innovation. CyberFirst Coverage for Technology Companies

Insuring Innovation. CyberFirst Coverage for Technology Companies Insuring Innovation. CyberFirst for Technology Companies TECHNOLOGY IS EVERYWHERE. SO ARE THE THREATS. protection that goes well beyond a traditional general liability policy. CyberFirst CyberFirst is

More information

Enterprise PrivaProtector 9.0

Enterprise PrivaProtector 9.0 IRONSHORE INSURANCE COMPANIES 75 Federal St Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING FOR A CLAIMS

More information

Service Agreement. UltraBranch Business Edition. alaskausa.org AKUSA 02952 R 05/15

Service Agreement. UltraBranch Business Edition. alaskausa.org AKUSA 02952 R 05/15 Service Agreement UltraBranch Business Edition Your savings federally insured to at least $250,000 and backed by the full faith and credit of the United States Government. National Credit Union Administration,

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Cyber-insurance: Understanding Your Risks

Cyber-insurance: Understanding Your Risks Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some

More information

Cyber Exposure for Credit Unions

Cyber Exposure for Credit Unions Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations

More information

Insurance for Data Breaches in the Hospitality Industry

Insurance for Data Breaches in the Hospitality Industry The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com

More information

Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks

Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Hacks, breaches, stolen data, trade secrets hijacked, privacy violated, ransom demands made; how can you protect your data

More information

Cyber-Crime Protection

Cyber-Crime Protection Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

Specimen. Crime Coverage Part. I. What is covered We will pay (in excess of the retention and up to the Crime Coverage Limit stated in the

Specimen. Crime Coverage Part. I. What is covered We will pay (in excess of the retention and up to the Crime Coverage Limit stated in the I. What is covered We will pay (in excess of the retention and up to the Crime Coverage Limit stated in the II. Coverage enhancements Declarations) for loss of or damage to money, securities, or other

More information

Rogers Insurance Client Presentation

Rogers Insurance Client Presentation Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com

More information

Electronic Funds Transfer Agreement and Disclosures

Electronic Funds Transfer Agreement and Disclosures Electronic Funds Transfer Agreement and Disclosures ELECTRONIC FUNDS TRANSFER AGREEMENT AND DISCLOSURES Agreement 1. Issuance of Card or Personal Identification Number. In this Agreement and Disclosures

More information

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015 CYBER LIABILITY AND AVIATION Presented by Hal Hunt May 3, 2015 AGENDA Introduction Leaning Objectives Threat Examples Underwriting Protection/Cyber Policy Summary 2 LEARNING OBJECTIVES Understand Key Terms

More information

$194 per record lost* 3/15/2013. Global Economic Crime Survey. Data Breach Costs. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP

$194 per record lost* 3/15/2013. Global Economic Crime Survey. Data Breach Costs. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Global Cyber Crime is the fastest growing economic crime Cyber Crime is more lucrative than trafficking drugs!

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING

More information

Business Merchant Capture Agreement. A. General Terms and Conditions

Business Merchant Capture Agreement. A. General Terms and Conditions Business Merchant Capture Agreement A. General Terms and Conditions Merchant Capture (MC), the Service, allows you to deposit checks to your LGE Business Account from remote locations by electronically

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP

More information

Funds Transfer Agreement

Funds Transfer Agreement Funds Transfer Agreement Your Lifetime Financial Partner This Funds Transfer Authorization Agreement & Notice ( Agreement ) applies to all domestic or international Wire Transfers and Automated Clearing

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

ALTA Title Insurance & Settlement Company Best Practices

ALTA Title Insurance & Settlement Company Best Practices ALTA Title Insurance & Settlement Company Best Practices N e w C a s t l e T i t l e 7 5 0 N o r t h 3 r d S t r e e t, S u i t e B ( 6 0 8 ) 7 8 3-9 2 6 5 ( 6 0 8 ) 7 8 3-9 2 6 6 5 / 2 2 / 2 0 1 5 0 5/22/15

More information

MISCELLANEOUS MEDICAL PROFESSIONAL AND GENERAL LIABILITY INSURANCE POLICY CLAIMS MADE AND REPORTED COVERAGE ENDORSEMENT

MISCELLANEOUS MEDICAL PROFESSIONAL AND GENERAL LIABILITY INSURANCE POLICY CLAIMS MADE AND REPORTED COVERAGE ENDORSEMENT MISCELLANEOUS MEDICAL PROFESSIONAL AND GENERAL LIABILITY INSURANCE POLICY CLAIMS MADE AND REPORTED COVERAGE ENDORSEMENT e-md E1857BA-0712 In consideration of the premium charged, it is understood and agreed

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information

FINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

Acceptable Use Policy

Acceptable Use Policy Introduction This Acceptable Use Policy (AUP) sets forth the terms and conditions for the use by a Registrant of any domain name registered in the top-level domain (TLD). This Acceptable Use Policy (AUP)

More information

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,

More information

ISO? ISO? ISO? LTD ISO?

ISO? ISO? ISO? LTD ISO? Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet

More information

DATA PROTECTION LAWS OF THE WORLD. India

DATA PROTECTION LAWS OF THE WORLD. India DATA PROTECTION LAWS OF THE WORLD India Date of Download: 6 February 2016 INDIA Last modified 27 January 2016 LAW IN INDIA There is no specific legislation on privacy and data protection in India. However,

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

CYBER & PRIVACY LIABILITY INSURANCE GUIDE CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,

More information

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime? Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)

More information

Insurance for Professionals

Insurance for Professionals Insurance for Professionals Adam E. Gwaltney, Agent, Cyber Liability Insurance Managing Cyber and Crime Risks Through Insurance Presented by: Adam E. Gwaltney, Agent Specializing in Professional Liability

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Commercial Online Banking

Commercial Online Banking These terms form the agreement between us, Metro Bank PLC and you, a business customer and apply to the Commercial Online Banking Service (Commercial Online Banking) provided by us. Commercial Online Banking

More information

FFIEC CONSUMER GUIDANCE

FFIEC CONSUMER GUIDANCE FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their

More information

Risk Management of Outsourced Technology Services. November 28, 2000

Risk Management of Outsourced Technology Services. November 28, 2000 Risk Management of Outsourced Technology Services November 28, 2000 Purpose and Background This statement focuses on the risk management process of identifying, measuring, monitoring, and controlling the

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

Cyber-Technology Policy Comparisons

Cyber-Technology Policy Comparisons Cyber-Technology Policy Comparisons ABA Insurance Internet/Electronic Banking Liability Insurance Policy (04/01) January, 2011 Endorsements Topic ACE Computer & Technology Products and Services Professional

More information

Cyber Insurance: How to Investigate the Right Coverage for Your Company

Cyber Insurance: How to Investigate the Right Coverage for Your Company 6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

BUSINESS ONLINE BANKING AGREEMENT

BUSINESS ONLINE BANKING AGREEMENT BUSINESS ONLINE BANKING AGREEMENT This Business Online Banking Agreement ("Agreement") establishes the terms and conditions for Business Online Banking Services ( Service(s) ) provided by Mechanics Bank

More information

First State Bank, Belmond

First State Bank, Belmond First State Bank, Belmond Online Banking Agreement These are the current terms of your Agreement with First State Bank for accessing your accounts and making use of other services via the Internet through

More information

1. (a) Full name of proposer including trading names if any (if not a limited company include full names of partners) Date established

1. (a) Full name of proposer including trading names if any (if not a limited company include full names of partners) Date established Network Security ProPosal Form Important Please answer all questions from each section and complete in block capitals. Tick the appropriate boxes where necessary and supply any further information requested.

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

Understanding Professional Liability Insurance

Understanding Professional Liability Insurance Understanding Professional Liability Insurance Definition Professional liability is more commonly known as errors & omissions (E&O) and is a form of liability insurance that helps protect professional

More information

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance

More information

COVERAGE SECTION 3. FIDELITY COVERAGE

COVERAGE SECTION 3. FIDELITY COVERAGE COVERAGE SECTION 3. FIDELITY COVERAGE I. EMPLOYEE DISHONESTY COVERAGE - BLANKET The Insurer will pay for loss of, and loss from damage to, Covered Property resulting directly from the Covered Cause of

More information

Commercial Internet Banking Agreement and Disclosures

Commercial Internet Banking Agreement and Disclosures Rev. 4/2015 Commercial Internet Banking Agreement and Disclosures 1. Coverage. This Agreement applies to your use of our commercial Internet Banking Service, which permits you to access your accounts with

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Pam Townley, AVP / Eastern Zonal Manager AIG Professional Liability Division Jennifer Bolling, Account Executive Gallagher Management Liability Division

More information

Chambers Bank Business Internet Banking Agreement

Chambers Bank Business Internet Banking Agreement Chambers Bank Business Internet Banking Agreement 1. INTRODUCTION. Chambers Bank Business Online Banking is a banking and information service that allows its Business Banking clients, via the Internet,

More information

SPECIMEN. (1) advising, counseling or giving notice to employees, participants or beneficiaries with respect to any Plan;

SPECIMEN. (1) advising, counseling or giving notice to employees, participants or beneficiaries with respect to any Plan; In consideration of payment of the premium and subject to the Declarations, limitations, conditions, provisions and other terms of this Policy, the Company and the Insureds agree as follows: I. INSURING

More information

Online Account Takeover. Roger Nettie

Online Account Takeover. Roger Nettie Online Account Takeover Roger Nettie CUNA Mutual Group Proprietary Reproduction, Adaptation or Distribution Prohibited CUNA Mutual Group 2013 Session Outline Types of attacks Movement of funds Consumer

More information

Cyberinsurance: Insuring for Data Breach Risk

Cyberinsurance: Insuring for Data Breach Risk View the online version at http://us.practicallaw.com/2-588-8785 Cyberinsurance: Insuring for Data Breach Risk JUDY SELBY AND C. ZACHARY ROSENBERG, BAKER HOSTETLER LLP, WITH PRACTICAL LAW INTELLECTUAL

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

The potential legal consequences of a personal data breach

The potential legal consequences of a personal data breach The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.

More information

MOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM

MOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM MOBILE DEPOSIT AGREEMENT AND DISCLOSURE ONLINE BANKING AGREEMENT ADDENDUM This Addendum ( Addendum ) to the Citizens State Bank of Paola Online Banking Agreement between you and Citizens State Bank of

More information

Beazley presentation master

Beazley presentation master The Art of Breach Management Beazley presentation master February 2008 A Brief Review of Data Breaches What is a Data Breach? Actual release or disclosure of information to an unauthorized individual/entity

More information

CYBER LIABILITY AND PRIVACY CRISIS MANAGEMENT EXPENSE APPLICATION

CYBER LIABILITY AND PRIVACY CRISIS MANAGEMENT EXPENSE APPLICATION CYBER LIABILITY AND PRIVACY CRISIS MANAGEMENT EXPENSE APPLICATION THIS APPLICATION IS FOR A FIRST DISCOVERY POLICY. COVERAGE IS FOR EVENTS FIRST DISCOVERED DURING THE "POLICY PERIOD" OR ANY APPLICABLE

More information

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

CyberSecurity for Law Firms

CyberSecurity for Law Firms CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a

More information

PC Teller Consumer Agreement & Disclosures

PC Teller Consumer Agreement & Disclosures PC Teller Consumer Agreement & Disclosures I. Introduction II. Accessing Your CINCO Accounts through PC Teller A. Requirements B. Electronic Mail (email) C. Fees D. New Services E. Benefits of Using PC

More information

Fidelity Land Title, Ltd. Title Insurance and Settlement Company Best Practices

Fidelity Land Title, Ltd. Title Insurance and Settlement Company Best Practices Fidelity Land Title, Ltd. Title Insurance and Settlement Company Best Practices Title Insurance and Settlement Company Best Practices Mission Statement ALTA seeks to guide its membership on best practices

More information

Cyber and Data Security. Proposal form

Cyber and Data Security. Proposal form Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which

More information

This Agreement shall be governed by and construed in accordance with the laws of the State of Wyoming.

This Agreement shall be governed by and construed in accordance with the laws of the State of Wyoming. Online Agreement: Online Banking Agreement. By submitting this form, you agree that you have read and agree to all terms herein. If you would like to talk with us about your enrollment, please call 307-732-BOJH

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone: Company or Trading Name: Address: Post Code: Telephone: E-mail: Website: Date Business Established Number of Employees Do you have a Chief Privacy Officer (or Chief Information Officer) who is assigned

More information

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 Cybersecurity: A Growing Concern for All Businesses RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 RLI Design Professionals is a Registered Provider with The American

More information

ELECTRONIC SERVICES AGREEMENT

ELECTRONIC SERVICES AGREEMENT ELECTRONIC SERVICES AGREEMENT Electronic Disclosure and Consent To the extent that you have given your e-sign consent, if such consent is required, you agree to receive this covering consumer online banking

More information

Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online.

Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit

More information

GREAT AMERICAN TITLE OF HOUSTON, LLC D/B/A GREAT AMERICAN TITLE COMPANY EXAMINATION REPORT NOVEMBER 24, 2015

GREAT AMERICAN TITLE OF HOUSTON, LLC D/B/A GREAT AMERICAN TITLE COMPANY EXAMINATION REPORT NOVEMBER 24, 2015 GREAT AMERICAN TITLE OF HOUSTON, LLC D/B/A GREAT AMERICAN TITLE COMPANY EXAMINATION REPORT NOVEMBER 24, 2015 INDEPENDENT ACCOUNTANTS' REPORT To the Board of Directors of Great American Title of Houston,

More information

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today

More information

Cyber Insurance: How to Investigate the

Cyber Insurance: How to Investigate the 10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

BUSINESS ON-LINE BANKING AGREEMENT

BUSINESS ON-LINE BANKING AGREEMENT BUSINESS ON-LINE BANKING AGREEMENT THIS BUSINESS ON-LINE BANKING AGREEMENT (this Agreement ) is for Business On-Line Banking Services provided by First National Bank of Northern California, ( Bank or we

More information