2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage"

Transcription

1 2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage Chris Reese Vice President, Director of Underwriting Connie Rivas Asst. Vice President, Contracts and Legal Services Overview Introduction In the News Regulatory Oversight Current Data on Breaches Review of Best Practices Current Security and Privacy measures Summary of Cyber Insurance Coverage 2 1

2 A Data Breach Is Not ADisaster. Mishandling It Is. 3 Introduction: Complexity of Cyber Threats has Grown Dramatically US Business face increasingly sophisticated threats that outstrip traditional defenses Economics of cyber cybersecurity favor the attackers Reputational harm is significant Competing pressures within organizations Deploy IT resources to risk mitigation Deploy IT resources to advance the required business technologies to service and compete 4 2

3 What is a Breach? A breach is defined as an event in which an individual name plus Social Security Number (SSN), driver s license number, medical record or a financial record/credit/debit card is potentially put at risk Paper or Electronic Potential Security Threats Compromises the integrity, security or confidentiality of information Circumstances where a data breach may have happened or could happen in the future. (e.g. lost flash drive with PII) 5 In the News In 2013 and 2014, the Identity Theft Resource Center (ITRC) documented nearly 1,400 data breaches in the US, including: ( Target 110,000,000 Records Compromised Anthem Breach 78,800,000 Records Compromised (source: USA Today April 14, Home Depot 56,000,000 Records Compromised Excellus Blue Cross Blue Shield 10,000,000 Records Compromised (source: Privacy Rights Clearinghouse ) IRS 1,400,000 Records Compromised Saint Joseph Health System 405,000 Records Compromised University of Maryland 309,079 Records Compromised 6 3

4 In the News cont. In 2013 and 2014, the Identity Theft Resource Center (ITRC) documented nearly data breaches in the US, including: ( Touchstone Medical Imaging (TN) 307,528 Records Compromised Sutherland Healthcare Solutions 168,500 Records Compromised Indiana University 146,000 Records Compromised Orthopedic Specialty Institute (AL) Iron Mountain 49,714 Records Compromised Office of Nisar Quraishi (NY) 20,000 Records Compromised Office of Dennis Flynn, M.D. (IL) 13,646 Records Compromised 7 Regulatory Oversight Privacy and Cyber Gramm Leach Bliley Act; Federal Law passed in 1999 Oversight of insurance companies is delegated to state insurance authorities to enforce If a state insurance authority fails to adopt regulations, then the state shall not be eligible to override Federal oversight The NAIC (National Assoc. of Ins. Commissioners) published a model law for individual states to adopt. States took the following actions: Adopted the model law in a substantially similar manner Related State Activity have not adopted the current model but have an earlier version of the model or have legislation derived from other sources No current activity; includes states that have repealed legislation or never adopted legislation SOURCE: National Association OF Insurance Commissions

5 Regulatory Oversight Privacy and Cyber NAIC (National Assoc. of Ins. Commissioners) has adopted the Principles for Effective Cybersecurity Insurance Regulatory Guidance. State insurance regulators have a responsibility to ensure that personally identifiable consumer information held by insureds is protected from cybersecurity risks Confidential and/or personally identifiable financial information should be appropriately safeguarded State insurance regulators have a responsibility to protect information inside/outside of an insurance department or at the NAIC Cybersecurity regulatory guidance for insureds must be flexible, scalable, proactive, and consistent with nationally recognized efforts such as NIST framework Regulatory guidance must be risk based and must consider the resources of the insurer with a caveat of a minimum set of cybersecurity standards State insurance regulators should provide appropriate regulatory oversight, which includes but is not limited to, conducting risk based financial examination and/or market conduct examinations regarding cybersecurity SOURCE: National Association OF Insurance Commissions Regulatory Oversight Privacy and Cyber (continued) NAIC Principles for Effective Cybersecurity Insurance Regulatory Guidance [continued] Planning for incident response is an essential component to an effective cybersecurity program Insurers.should take appropriate steps to ensure that 3 rd parties and service providers have controls in place to protect PII Cybersecurity risks should be incorporated and part of an enterprise risk management process; transcends the IT department IT internal audit findings that present a material risk to an insurer should be reviewed with the board of directors or appropriate committee thereof It is essential to use information sharing and analysis organization (ISAO) to share information and stay informed of emerging threats, as well as physical threats intelligence sharing Period and timely training, paired with an assessment, for employees regarding cybersecurity issues is essential SOURCE: National Association OF Insurance Commissions

6 Regulatory Oversight Privacy and Cyber (continued) NIST National Institute of Standards and Technology Federal government framework for standards benchmark Standards, methodologies, procedures and processes that aligns policy, business and tech issues to address cyber risks SOURCE: National Association OF Insurance Commissions NAIC Cyber Security Bill of Rights Presented for Court July 2015, Final version, not yet Approved. 12 6

7 Cybersecurity Bill of Rights As an insurance consumer, you generally have the right to: 1. Know what type of personally identifiable information is being collected and how long that personally identifiable information is kept by an insurer 2. Expect that an insurer is adequately protecting the personally identifiable information from disclosure to unauthorized persons. 3. Receive notice from an insurer if your personally identifiable information was, or is reasonably believed to have been, acquired by an unauthorized person and could result in identity theft or fraud to you. 4. Receive notice from an insurer, insurance producer, or other state regulated entity in the event of a data breach. 13 Cybersecurity Bill of Rights 5. Receive notification, from health insurers regarding a data breach of protected health information that is held by a health plan, under federal HIPAA laws. 6. Receive notice from an insurer information on any relevant payment card/bank account number breach, if the breach involves a breach of the payment card/bank account numbers. 7. Receive notice from an insurer in the event of a data breach of their security system, maintained by a third party service provider that has been contracted to maintain, store, or process personally identifiable information in electronic or paper form. 8. Receive a general description of the actions taken by the insurer restore the security and confidentiality of the personally identifiable information involved in a data breach. 9. Receive a minimum of two years of identity theft protection from the insurer, insurance producer, or other state regulated entity in the event of a data breach. 14 7

8 Cybersecurity Bill of Rights 10. Receive a summary of the rights of victims of identity theft prepared under the Fair Credit Reporting Act, fair creditreporting act.pdf, in the event of a data breach that involves personally identifiable information. Your rights under the Fair Credit Reporting Act include: The right to ask the three nationwide consumer reporting agencies to place fraud alerts in your file to let potential creditors and others know that you may be a victim of identity theft. o An initial fraud alert remains in your file for at least 90 days; o An extended fraud alert remains in your file for seven years; The right to obtain free copies of your credit report; o An initial fraud alert entitles you to a copy of all information in your file for each of the three nationwide consumer reporting agencies: Equifax; Experian; and TransUnion.. 15 Cybersecurity Bill of Rights 11. Request all three nationwide consumer reporting agencies to place a security freeze on your credit report ( credit freeze faqs). A security freeze will limit the consumer reporting agency from releasing your credit report or any information from your credit report without your authorization. 12. Receive an insurer, insurance producer, or other regulated entity s privacy policy regarding the data they collect on you. The regulated entity should provide a clear and conspicuous notice to you that accurately reflects its privacy policies and practices on an annual basis. Note: Your specific data rights are based on and subject to state and federal law. For more details regarding protections in your state, contact your state insurance department. The contact information can be found on the NAIC s web page,

9 Number of Breaches is on the Rise Identity Theft Resource Center (ITRC) documented 783 U.S. data breaches in 2014, representing a 27.5% increase over the number of breaches reported in 2013 * Hacking incidents represented the leading cause of data breach incidents, accounting for 29% of the breaches tracked by the ITRC This was followed for the second year in a row by breaches involving Subcontractor/Third Party at 15.1 %. * Cyber Claims Study PII was the most frequently exposed data (41% of breaches), followed by PHI (21%) and PCI (19%). Hackers were the most frequent cause of loss (30%), followed by Staff Mistakes (14%). Healthcare was the sector most frequently breached (23%), followed closely by Financial Services (22%). Small Revenue ($300M $2B), Micro Revenue ($50M $300M) and Nano Revenue (<$50M) companies experienced the most incidents (25%, 24% and 23% respectively). (SOURCE: NetDiligence 2014 Cyber Claims Study

10 2014 Cyber Claims Study Third parties accounted for 20% of the claims submitted. There was insider involvement in 32% of the claims submitted. The median number of records lost was 3,500. The average number of records lost was 2.4 million. Non zero claim payouts in this year s study ranged from $600 to almost $6.5 million. Typical claims, however ranged from $30,000 to $400,000. (SOURCE: NetDiligence 2014 Cyber Claims Study Cyber Claims Study Median claim payout was $144,000. Average claim payout was $733,109. Healthcare sector $1.3 million. Median per record cost was $ Average per record cost was $ Median cost for Crisis Services (forensics, notification, legal guidance and miscellaneous other) was $110,594. Average cost for Crisis Services was $366,484. Median cost for legal defense was $283,300. Average cost for legal defense was $698,797. Median cost for legal settlement was $150,000. Average cost for legal settlement was $558,520. (SOURCE: NetDiligence 2014 Cyber Claims Study

11 MISSION: CRITICAL Highly valuable information to cyber criminals Cyber Threat Map 1 21 Economic Motivation Estimate of 95% of attacks are economically motivated Attempting to steal data Corporate trade secrets client list Personal information on insureds (Name/address/SS#/banking info) Employee records Insurance Company financial assets cyber crime 22 11

12 Advanced Persistent Threats High End Attacks Ultra sophisticated teams of cyber criminals Deploy increasingly targeted malware in multi staged stealth attacks Goal penetrate all of the perimeter defense systems Intruders look at multiple avenues to exploit all layers of security vulnerabilities until they reach their goal Cyber security field consensus criminals are ahead of the corporations that need to defend themselves 23 Vulnerability is not limited to External Threats Low End Attacks Employees poorly trained, not following required protocols, disgruntled Subcontractors and independent contractors BYOD bring your own device Any party that the company connects to electronically creates a vulnerability vendor and partner management 24 12

13 Balance Risk Management And Use of New Technology Mobile technology, cloud computing and smart devices need appropriate risk management to minimize risk 25 Four Basic Security Controls Restricting user installation of applications ( whitelisting ) Ensuring that the operations system is patched with current updates Ensuring software applications have current updates Restricting Administrative privileges 26 13

14 5 Steps Corporate Boards Should Consider to Enhance Oversight of Corporate Risks Cyber security is an enterprise wide risk management issue, not just IT Directors are responsible to understand the legal risks of cyber security Boards should be adequately informed of cyber security risk / risk management; entire board; not just the audit committee Directors and management work together to have an adequate enterprise wide risk management plan/budget Board management discussions include identification of risk and agreement re: avoidance, mitigation, acceptance and transfer. Including plans for each. Source: Cyber Risk Oversight, Director s Handbook Series, NACD ( National Association of Corporate Directors) 27 Boards Show be Adequately Informed of Cyber Security Risks / Risk Management Schedule educational sessions Participate in company privacy training Consider whether the company should have a cyber and/or IT expert serve on the board Regular reporting to the board by company management on cyber risk security and incidents; quarterl (Source: Cyber Risk Oversight, Director s Handbook Series, NACD)

15 Compliance Basics Assign ultimate privacy and data security responsibility to 1 person Prepare for data security incidents (Additional resources provided) Determine where Personal Information is stored (Additional resources provided) Conduct a risk assessment 29 Compliance Basics Continued Mitigate against identified risks Control your vendors and business partners Implement a continuous workforce training and awareness program Review and Update Procedures 30 15

16 Manage Breach Responding to an Incident Immediate Response Breach Notification Requirements Report Data Breach 31 A Simplified View Data Breach Insurance Response Evaluation of the Data Breach Managing the Short Term Crisis Handling the Long Term Consequences Class Action Lawsuits Discovery of a Data Breach Forensic Investigation and Legal Review Notification and Credit Monitoring Public Relations Regulatory Fines, Penalties, and Consumer Redress Reputational Damage Income Loss 32 16

17 Costs of a Data Breach Our results show that the cost to respond to a data breach is usually between $10 $30 per record for breach response services that include some legal expenses, patient notification letters, call center support, and credit monitoring services. (Keep in mind this number is an average. Costs can exceed $30 a record in some cases. IT costs, Legal fees, and government fines are additional costs.) 33 Coverage Considerations Balance Sheet Protection When considering the limits of insurance Resource Allocation Competing IT demands; insurance = risk transfer Risk Tolerance level Sleep at night 34 17

18 Available Insurance Coverage Multimedia Liability Coverage for third party claims alleging copyright/trademark infringement, libel/slander, advertising, plagiarism, and personal injury. Covers both online and offline media. Security & Privacy Liability Coverage for third party claims alleging liability resulting from a security or privacy breach, including the failure to safeguard online or offline information, or the failure to prevent virus attacks, denial of service of attacks or the transmission of malicious code. 35 Available Insurance Coverage (Continued) Privacy Regulatory Defense & Penalties Coverage for defense costs and fines/penalties incurred in defending against regulatory investigations of privacy or security breaches. Privacy Breach Responses Costs, Customer Notification Expenses and Customer Support and Credit Monitoring Expenses Coverage includes all reasonable legal, public relations, advertising, IT forensic, call center, credit monitoring and postage expenses incurred by the insured in response to a privacy breach

19 Available Insurance Coverage (Continued) BrandGuard Coverage for lost revenue directly resulting from an adverse media report and/or notification to customers of a security or privacy breach. Network Asset Protection Coverage for amounts incurred to recover and/or replace data that is compromised, damaged, lost, erased or corrupted due to accidental damage or destruction of electronic media or computer hardware, administrative or operational mistakes in the handling of electronic data, or computer crime/attacks. Coverage also extends to business income loss and interruption expenses incurred as a result of a total or partial interruption of the insured s computer system directly caused by any of the above events. 37 Available Insurance Coverage (Continued) Cyber Extortion Covers extortion expenses incurred, and extortion monies paid, as a direct result of a credible cyber extortion threat. Cyber Terrorism Coverage for income loss and business interruption expenses directly resulting from a total or partial interruption, degradation in service or failure of the insured s computer system due to a cyber terrorism attack

20 Possible Uninsured Exposures Intentional violation of law damages Prior Act exposures check retroactive date Wear/Tear/Gradual Deterioration Representations made regarding maintaining a certain level of cyber security Damages to data resulting from a Natural Event (may not be covered by Property Insurance either) Loss resulting from power outages Use of programs that are unlicensed or not operational 39 Coverage Features New Cyber Crime PCI Coverage Cyber Terrorism Voluntary Notification Cost Pre Breach cost 40 20

21 Fair Use Disclaimer FAIR USE DISCLAIMER: The following presentation contains copyrighted materials the use of which has not always been specifically authorized by the copyright owner. We are making the information available for education, news reporting, research, teaching and discussion purposes and to advance awareness and understanding of issues relating to personally identifiable information and associated risks. We believe this constitutes fair use of any such copyrighted material as provided for under the Fair Use exemptions of Title 17 U.S.C. Section 107 of the U.S. Copyright Law. Further use is prohibited. If you wish to use copyrighted material from this presentation for purposes of your own that go beyond fair use, you must obtain permission from the copyright owner. 41 Copyrighted Materials List Page 6 & 7 Identity Theft Resource Center Data Breach Source: Identity Theft Resource Center (ITRC) Page 6 Anthem Breach Source: USA Today April 14, Page 6 Excellus Blue Cross Blue Shield Source: Privacy Right Clearinghouse Page 8 11 Regulatory Oversight Privacy and Cyber Source: National Associate of Insurance Commissions Page Cybersecurity Bill of Rights Source: National Associate of Insurance Commissions Page 17 ITRC Data Breaches Source: Identity Theft Resource Center (ITRC) Surveys Studies/2014databreaches.html Page Cyber Claims Study Source: NetDiligence Page 21 $50 Million Class Action Lawsuit Against Long Island Health System Source: Modern Healthcare, Feb Page 21 $400,00 Penalty in HIPAA Case Source: Government Information Security, May penalty in hipaa case a 5782 Page 21 Page 28 Page 29 Three laptops stolen from New York podiatry office 5 Steps Corporate Boards Should Consider to Enhance Oversight of Corporate Risks Boards Show be Adequately Informed of Cyber Security Risks / Risk Management Source: Sims and Associates Podiatry, Important Security and Protection Notification, April, laptops stolen from new york podiatry office 6475 atrisk/article/343644/ Source: Cyber Risk Oversight, Director s Handbook Series, NACD (National Association of Corporate Directors) Source: Cyber Risk Oversight, Director s Handbook Series, NACD (National Association of Corporate Directors)

22 NAS INSURANCE THANK YOU Chris Reese Vice President, Director of Underwriting Connie Rivas Assistant Vice President, Contracts and Legal Services

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Cyber Exposure for Credit Unions

Cyber Exposure for Credit Unions Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of

More information

Privacy Rights Clearing House

Privacy Rights Clearing House 10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights

More information

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

Cyber/ Network Security. FINEX Global

Cyber/ Network Security. FINEX Global Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

CYBER RISK SECURITY, NETWORK & PRIVACY

CYBER RISK SECURITY, NETWORK & PRIVACY CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

Beyond Data Breach: Cyber Trends and Exposures

Beyond Data Breach: Cyber Trends and Exposures Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in

More information

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind Page1 Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind The use of electronic medical records (EMRs) to maintain patient information is encouraged today and

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

Information Security Handbook

Information Security Handbook Information Security Handbook Adopted 6/4/14 Page 0 Page 1 1. Introduction... 5 1.1. Executive Summary... 5 1.2. Governance... 5 1.3. Scope and Application... 5 1.4. Biennial Review... 5 2. Definitions...

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently

More information

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today

More information

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Cyber Insurance: How to Investigate the Right Coverage for Your Company

Cyber Insurance: How to Investigate the Right Coverage for Your Company 6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

Understanding. your Cyber Liability coverage

Understanding. your Cyber Liability coverage Understanding your Cyber Liability coverage TEXAS MEDICAL LIABILITY TRUST 901 S. Mopac Expressway Barton Oaks Plaza V, Suite 500 Austin, TX 78746-5942 P.O. Box 160140 Austin, TX 78716-0140 800-580-8658

More information

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson

More information

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING

More information

Law Firm Cyber Security & Compliance Risks

Law Firm Cyber Security & Compliance Risks ALA WEBINAR Law Firm Cyber Security & Compliance Risks James Harrison CEO, INVISUS Breach Risks & Trends 27.5% increase in breaches in 2014 (ITRC) Over 500 million personal records lost or stolen in 2014

More information

CYBER SECURITY SPECIALREPORT

CYBER SECURITY SPECIALREPORT CYBER SECURITY SPECIALREPORT 32 The RMA Journal February 2015 Copyright 2015 by RMA INSURANCE IS AN IMPORTANT TOOL IN CYBER RISK MITIGATION Shutterstock, Inc. The time to prepare for a potential cyber

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

cyber invasions cyber risk insurance AFP Exchange

cyber invasions cyber risk insurance AFP Exchange Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance

More information

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance Fundamentals of Cyber Risk Brad Gow June 9th, 2015 Endurance But consider the kickoff chuckle to a speech given to the Wharton School in March 1977 by Sidney Homer of Salomon Brothers, the leading bond

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

Privacy and Data Breach Protection Modular application form

Privacy and Data Breach Protection Modular application form Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Cyber-Crime Protection

Cyber-Crime Protection Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

Cyber Liability. AlaHA Annual Meeting 2013

Cyber Liability. AlaHA Annual Meeting 2013 Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

NZI LIABILITY CYBER. Are you protected?

NZI LIABILITY CYBER. Are you protected? NZI LIABILITY CYBER Are you protected? Any business that operates online is vulnerable to cyber attacks and data breaches. From viruses and hackers to employee error and system damage, your business is

More information

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem.

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem. Cybersecurity: Minimizing Risk & Responding to Breaches March 5, 2015 Andy Chambers Michael Kelly Jimmie Pursell Scope of Problem Data Breaches A Daily Phenomenon Anthem JP Morgan / Chase Sony Home Depot

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

Cybersecurity: Protecting Your Business. March 11, 2015

Cybersecurity: Protecting Your Business. March 11, 2015 Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks

More information

CyberSecurity for Law Firms

CyberSecurity for Law Firms CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a

More information

Anatomy of a Privacy and Data Breach

Anatomy of a Privacy and Data Breach Anatomy of a Privacy and Data Breach Understanding the Risk and Managing a Crisis Adam Kardash: Partner, Heenan Blaikie LLP Robert Parisi: Senior Vice President, Marsh Leadership, Knowledge, Solutions

More information

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

Cyber Insurance: How to Investigate the

Cyber Insurance: How to Investigate the 10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

SMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015

SMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015 SMB Data Breach Risk Management Best Practices By Mark Pribish February 19, 2015 Presentation Agenda About Mark Pribish Information Governance The Threat Landscape Data Breach Trends Legislative and Regulatory

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

Rogers Insurance Client Presentation

Rogers Insurance Client Presentation Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com

More information

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become

More information

Cyber and data Policy wording

Cyber and data Policy wording Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and

More information

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a

More information

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Risks and Insurance Solutions Malaysia, November 2013 Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

Understanding Professional Liability Insurance

Understanding Professional Liability Insurance Understanding Professional Liability Insurance Definition Professional liability is more commonly known as errors & omissions (E&O) and is a form of liability insurance that helps protect professional

More information

Cyber Risks in Italian market

Cyber Risks in Italian market Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends

More information

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual

More information

Cyber/Information Security Insurance. Pros / Cons and Facts to Consider

Cyber/Information Security Insurance. Pros / Cons and Facts to Consider 1 Cyber/Information Security Insurance Pros / Cons and Facts to Consider 2 Presenters Calvin Rhodes, Georgia Chief Information Officer Ron Baldwin, Montana Chief Information Officer Ted Kobus, Partner

More information

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015 CYBER LIABILITY AND AVIATION Presented by Hal Hunt May 3, 2015 AGENDA Introduction Leaning Objectives Threat Examples Underwriting Protection/Cyber Policy Summary 2 LEARNING OBJECTIVES Understand Key Terms

More information

Insulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact. February 10, 2015

Insulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact. February 10, 2015 Insulate Your Company from a Cyber Breach: Proactive Steps to Minimize Breach Risks & Impact February 10, 2015 Overview 1 The Legal Risks And Issues/The Role Of Legal Counsel: The Breach Coach The Slippery

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Pam Townley, AVP / Eastern Zonal Manager AIG Professional Liability Division Jennifer Bolling, Account Executive Gallagher Management Liability Division

More information

Network Security and Data Privacy Insurance for Physician Groups

Network Security and Data Privacy Insurance for Physician Groups Network Security and Data Privacy Insurance for Physician Groups February 2014 Lockton Companies While exposure to medical malpractice remains a principal risk MIKE EGAN, CPCU Senior Vice President Unit

More information

Enterprise PrivaProtector 9.0

Enterprise PrivaProtector 9.0 IRONSHORE INSURANCE COMPANIES 75 Federal St Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING FOR A CLAIMS

More information

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently

More information

Ed McMurray, CISA, CISSP, CTGA CoNetrix

Ed McMurray, CISA, CISSP, CTGA CoNetrix Ed McMurray, CISA, CISSP, CTGA CoNetrix AGENDA Introduction Cybersecurity Recent News Regulatory Statements NIST Cybersecurity Framework FFIEC Cybersecurity Assessment Questions Information Security Stats

More information

Delaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP

Delaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats

More information

Protecting Your Employees from Identity Theft

Protecting Your Employees from Identity Theft Protecting Your Employees from Identity Theft Date: May 16, 2016 Presentation Outline Data breach Identity Theft Impact on public employers, employees Risk management considerations GALLAGHER BENEFIT SERVICES,

More information

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10) MIT s Information Security Program for Protecting Personal Information Requiring Notification (Revision date: 2/26/10) Table of Contents 1. Program Summary... 3 2. Definitions... 4 2.1 Identity Theft...

More information

ISO? ISO? ISO? LTD ISO?

ISO? ISO? ISO? LTD ISO? Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet

More information

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Linda Vincent, R.N., P.I., CITRMS Vincent & Associates Founder The Identity Advocate San Pedro, California The opinions expressed

More information

Big Data, Big Risk, Big Rewards. Hussein Syed

Big Data, Big Risk, Big Rewards. Hussein Syed Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data

More information

Data Security Incident Response Plan. [Insert Organization Name]

Data Security Incident Response Plan. [Insert Organization Name] Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security

More information

Cyber Risk Insurance for Agents. Frequently Asked Questions

Cyber Risk Insurance for Agents. Frequently Asked Questions Cyber Risk Insurance for Agents Frequently Asked Questions 1 Cyber Risk Insurance About Great American Insurance Great American Insurance Group s roots go back to 1872 with the founding of its flagship

More information

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

CYBER & PRIVACY LIABILITY INSURANCE GUIDE CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,

More information

Adding Cloud Solutions to Customer Contracts Robert J. Scott

Adding Cloud Solutions to Customer Contracts Robert J. Scott Adding Cloud Solutions to Customer Contracts Robert J. Scott MSP vs. Cloud Who owns the hardware? Where does the data reside? Dedicated vs. Multi tenant? Who contracts with 3 rd parties? How are services

More information

The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services

The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services What we are NOT doing today Providing Legal Advice o Informational Purposes

More information

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations

More information

Stay ahead of insiderthreats with predictive,intelligent security

Stay ahead of insiderthreats with predictive,intelligent security Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent

More information

Navigating the Waters of Incident Response and Recovery

Navigating the Waters of Incident Response and Recovery Navigating the Waters of Incident Response and Recovery Lee Kim, Esq. Tucker Arensberg, P.C. CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 2013 Lee Kim

More information

Standard: Information Security Incident Management

Standard: Information Security Incident Management Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of

More information

Adopting a Cybersecurity Framework for Governance and Risk Management

Adopting a Cybersecurity Framework for Governance and Risk Management The American Hospital Association s Center for Healthcare Governance 2015 Fall Symposium Adopting a Cybersecurity Framework for Governance and Risk Management Jim Giordano Vice Chairman & Chair of Finance

More information

Cybersecurity Workshop

Cybersecurity Workshop Cybersecurity Workshop February 10, 2015 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. 150 West Main Street, Suite 2100 Norfolk, VA 23510 (757) 624-3153

More information

Discussion on Network Security & Privacy Liability Exposures and Insurance

Discussion on Network Security & Privacy Liability Exposures and Insurance Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter

More information

AHLA. N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO

AHLA. N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO AHLA N. HIPAA Security Breaches: What Should We Be Doing to Keep Us Out of the Headlines? Diane E. Felix Armstrong Teasdale LLP Saint Louis, MO Anthony J. Munns Brown Smith Wallace LLC Saint Louis, MO

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies

More information

Zip It! Feds, State Strengthen Privacy Protection. Practice Management Feature July 2012. Tex Med. 2012;108(7):33-37.

Zip It! Feds, State Strengthen Privacy Protection. Practice Management Feature July 2012. Tex Med. 2012;108(7):33-37. Zip It! Feds, State Strengthen Privacy Protection Practice Management Feature July 2012 Tex Med. 2012;108(7):33-37. By Crystal Conde Associate Editor When it comes to enforcing HIPAA data security and

More information

GRC/Cyber Insurance. February 18, 2014. Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London. Join the conversation: #ISSAWebConf

GRC/Cyber Insurance. February 18, 2014. Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London. Join the conversation: #ISSAWebConf GRC/Cyber Insurance February 18, 2014 Start Time: 9 AM US Pacific, Noon US Eastern, 5 pm London Join the conversation: 1 Generously sponsored by: 2 Welcome Conference Moderator Allan Wall ISSA Web Conference

More information

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance

More information

Cyber-insurance: Understanding Your Risks

Cyber-insurance: Understanding Your Risks Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some

More information

Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014

Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014 Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A. Puplava

More information

Why Lawyers? Why Now?

Why Lawyers? Why Now? TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information