Managing E-Risks in today s cyberspace: Growth of Cyber Liability Insurance
|
|
- Jason Porter
- 7 years ago
- Views:
Transcription
1 WHITEPAPER MARCH Managing E-Risks in today s cyberspace: Growth of Cyber Liability Insurance
2 Abstract With cyber-attacks becoming increasingly sophisticated and frequent, and with IT data volumes growing at an unprecedented rate, data breaches have become inevitable. Leading organizations across the world are failing to deal with cyber threats in their risk management strategies. These threats will become considerably more acute for organizations as a result of growing dependence on technology and web-based solutions such as cloud computing. While cyber risks are sometimes thought of as online or Internet risks, a massive information theft recently occurred at Target s brick-and-mortar stores when customers swiped cards and entered PINs while making in-store purchases. Currently, most buyers are high risk entities such as financial institutions, healthcare providers and retail companies. But as these larger businesses develop a better understanding of the risks associated with holding private data electronically and take measures to protect themselves, hackers will turn their attention towards smaller organizations. Whilst the rewards might not be as high, SMEs are often less secure and less prepared in the event of a privacy breach. Therefore cyber cover will be seen as an essential component of any commercial insurance program for every size of business operating in every market and industry. Average total cost of data breach( 000 USD) Average cost per capita of data breach (USD)
3 Am I exposed to cyber risk? What risk do I face in case of an attack? Any company that stores personal data, are reliant on computer or telephone network, digital information or the internet face cyber risks. In short, every business in the world today faces cyber risks, some of the core cyber exposures include. Risk Types Costs Involved First Party Network Loss Privacy Breach and Security Liability Loss of business income Costs to restore the network Costs to replicate/replace lost data Increased cost of working 3rd Party damages Regulatory fines and penalties PR costs Costs to notify affected individuals Identity Theft monitoring costs Forensics costs Legal fees Reputational Loss Loss in sales revenue PR costs Cyber Extortions Extortion expenses PR costs Legal fees Target store s recent data breach involves many issues, such as reputational damage, legal and PR issues, potential legal liability for fraudulent charges, customer lawsuits, shareholder lawsuits, bank and credit union lawsuits, PCI DSS penalties/fines, regulatory fines, POS network security failure, potential drop in share price, impacted P&L reports and investigations by State Attorneys General, the Secret Service, FBI and Federal Trade Commission. Target has already announced to offer free credit report monitoring to affected consumers in order to salvage the situation on PR front.
4 Changing Regulatory Landscape imposing greater risks New data privacy bills are being introduced around the globe, with the United States and European Union at the forefront. Mandatory encryption of all sensitive personal information globally. Privacy breach fines will increase significantly from current levels. Statutory damages, a fixed cost per record breached, will be brought in for loss of personal data. Risk Transfer Options There are generally four accepted ways of dealing with business risk: Acceptance, Mitigation, Avoidance and Transfer. Typically, some combination of these strategies is implemented, depending on the particular risk. In case of Cyber-attacks following measures were mostly used: Acceptance: budgeting for expected losses. Mitigation: deploying processes or technologies to reduce risk such as information security and breach response plan, physical security measures, network security measures, device security measures and data, e-publishing and social media policies. However lately, insurance carriers are witnessing uptake in avoidance and transfer strategies such as: Contractual obligation in case of outsourcing or hedging third party risks. Cyber coverage on a primary basis with breach response and coverage varying based on insurer and policy structure. Additional insurers for consideration of excess limits. Self-insure against data breaches through non-traditional captive underwriting (1% of captive risk coverage currently) especially among retail and consumer product companies. Cyber Liability Insurance and Cyber coverage The marketplace has evolved to provide cyber specific services solution, including loss control resources; data breach coaches, dedicated claims resources, pre-approved panels of vendors and service providers to address each element of breach response. Following chart shows difference in cyber coverage to traditional policies.
5 Coverage Type General Liability Property/Business Interruption Professional Liability Cyber Liability First Party Cyber Losses Network Interruption Restoration, Recollection, Recreation of Digital Assets Cyber Extortions Data Privacy and Security Third Party Losses Breach of Sensitive third Party Information Intellectual Property Infringement, Plagiarism and Defamation Data Breach Caused by a Third Party Outsourcer Distributed Denial of Service or Lost/Stolen Laptop or Hardware Data Breach due to a Security Breach Data Privacy and Security First Party Losses Data Protection Fines and Penalties Data Protection Investigation and Defense Expenses Public Relations Costs Data Protection Legal Expenses Credit/Identity Theft Monitoring Expenses Data Breach Notification Expenses Industry Adoption The number of United States companies purchasing cyber insurance has increased with the availability of the insurance products. Services industry, which includes professional, business, legal, accounting and personal services firms, experienced the largest uptick in the number of clients purchasing cyber insurance.
6 ACE, AIG, Beazley and Hiscox are the biggest insurer in the market having large books of claims and are handling several claims per week. Market Outlook Annual Gross Written Premium: Industry revenue is expected to grow at an average annual rate of 11.8% to 1.5 billion USD because of the rising percentage of services conducted online. Market Concentration: Concentration in the Cyber Liability Insurance industry is low. Most insurance providers operate within metropolitan areas and provide services to a wide range of clients, which includes Fortune 500 corporations and start-up companies. Market share of insurers in major markets like US and Europe has decreased in the last five years to 2013 due to increasing competition. As a result, larger companies have started looking to expand their footprint in more profitable areas where such threats are most prominent. Purchasing Models Stakeholder Involvement Brokerage Primary purchasing evaluation and decision making in selecting and obtaining cyber risk policies is typically handled, by risk management teams, compliance leaders or, CSO/CISO with secondary input from general counsels, CFOs and other C-Level or business unit executives. A good specialist broker is usually preferred. However, this may or may not be the incumbent broker for non-cyber risks. Specialist brokers will not only help in getting the most appropriate coverage and favorable policy terms for the organization but will also help in the overall IT and security risk assessment required by the insurer during application.
7 Coverage Model: Regional coverage model is the most widely adopted model in the industry due to various factors: Geographical Limitation: Currently insurers have not expanded globally in their offerings on cyber insurance. Buyers find it difficult to obtain consistent coverage on their requirements globally. Underwriting Capabilities: High premium rates, coverage deductions are major reasons for low uptake of the insurance among buyers. Low market capacities, risk averseness of the insurers make it difficult for insured and brokers to structure cyber liability insurance for a corporation globally. Regulations: Regulation is a big constraint in the market. Major matured markets vary diversely from the developing markets in their data privacy laws and regulations. Also policy triggers, breach costs varies with region. Regional policy helps buyers to be consistent with the local laws and regulations. Purchase Recommendations Exposure Analysis: The first step in buying cyber insurance is to understand the nature and the extent of the risks facing the organization. For some businesses, like banks and retailers, the primary concern is the theft of personal financial information. On the other hand, the major risk to a utility or energy company is the disruption of critical businesses or physical operations through attacks on networks. Businesses should tailor their coverage to the risks that they face.
8 Analyze Coverage Model: Revenue loss due to network business interruption, information asset loss, first party data breach mitigation Financial damages or loss due to failure of technology or software to perform as intended, third party financial damages from a data breach, data breach-related regulatory fines and penalties, contingent regulatory losses, recall costs where no tangible damage in end product occurs. Revenue loss due to property damage events 3rd party recall costs associated with tangibly damaged goods or products Revenue loss due to theft of trade secrets/ intellectual capital and introduction of competing products into marketplace, criminal fines and penalties 3rd party property damage or bodily injury losses where insured s products directly cause loss. Should be covered under GL products/recall policies. Covered under property, general workers comp programs liability, and Contingent bodily injury and property damage losses due to the failure of technology or software products (no direct damage) Other recommendations: Negotiate Retroactive Coverage: Cyber policies sometimes restrict coverage to breaches or losses that occur after a specific date. In some forms, this is the inception date of the policy. This means that there would be no coverage for breaches that occurred before the inception of the policy. Because breaches may go undetected for some period of time, it is important to purchase coverage with the earliest possible retroactive date. Triggers: It is important to understand what activates coverage under your cyber policy. Some policies are triggered on the date the loss occurs, while others are triggered on the date that a claim is made against the insured. In order to provide proper notice, you need to understand how coverage applies under each policy you purchase. Cyber Insurance with Indemnity Agreements: Organizations should ensure that their company s indemnity agreements work hand-in-hand with cyber insurance. For example, many cyber insurance policies have retentions and require that the retention be satisfied by the insured. Insurers may interpret that the insured pay the retention out of its own pocket and that a payment by a third party under an
9 indemnity agreement would not satisfy the retention. This is a subject for negotiation with the insurer during the underwriting process. Sublimit: Most cyber insurance policies impose sublimit on some coverage, such as for crisis management expenses, notification costs and regulatory investigations. These sublimits are often inadequate, but many carriers are willing to negotiate on the size of the sublimit, often with no increase in premium. Security Infrastructure and Cyber Insurance Upon application of cyber insurance policy, most insurers will undertake either a security audit or review of disaster plan as part of its risk assessment for actuarial purposes. Large corporations are generally assessed by independent third-parties, usually at their own expense. The assessment covers security configurations, documentation of security plans, password management, backup procedures and more. Industry best practices in securing data such as encryption, PCI DSS; installation of firewall and antivirus is some bare requirements depending upon industry type. For example, Travelers application asks whether multi-factor authentication process (multiple security measures used to reliably authenticate/verify the identity of a customer or other authorized user) or a layered security approach is required to access secure areas of Applicant's website. Obviously, the risk assessment of security practices will impact not only the organizations qualification but also its premiums. Through periodic security evaluation, cyber insurance forces insured to review its practices and encourage making them better either by putting additional security technologies in place or training employees to handle private information safely. Improving data security will help lower premium payment. Carriers have started offering risk management services and loss control program to help clients in area of security plan development, data security training to employees, detailed vulnerability assessments and many more. Some carriers have web portals providing free security advice, free services like privacy training, or discounted products and services. Industry Benchmarks:
10 Insurance Limits Widely Purchased Limit Average Limit Maximum Limit US Business (Single Policy) 1-5 Million USD 16.8 Million USD Million USD (single insurer) US Business (Multiple tower policy) Million USD Deductibles Widely Purchased Limit Average Limit Maximum Limit Small and Medium Enterprise ,000 USD - - Large Companies 250, Million+ USD. - - Premiums Average Premium Small and Medium Enterprise 10,000 to 35,000 USD for 1 million USD in coverage Large Companies 10,000 50,000 USD for 1 million USD in coverage Premium Growths Network, Information Security, and Private 5% decrease to 5% increase Flat to 5% increase With increase in availability of cyber insurance, insurers have developed understanding of these risks. Some carriers have good underwriting experience in the market compared to others. As a result, insurers face difficulty in pricing these insurance structures, and large variances (as much as 25 percent) in premiums can be observed by different insurers to insure the same risk. When should you consider Cyber Insurance? Decision whether to hedge cyber risks through insurance depends on various factors such Client industry (Certain industries are at high risk than others) Exposure to third party sensitive data (such as credit card details, personal details etc.) IT infrastructure management and dependence on cloud or hosted services Involvement of outsourcing partners.
11 However there are two major ways to determine the impact: Risk Assessment: Comparing Data Breach costs (financial and reputational impact) to deductible offered by the insurer and premiums charged. In case, Data Breach Cost <= Deductible offered by Insurer. (No insurance taken, internal IT infrastructure and security is strengthened and enhanced) Gap Analysis: Assess security strength against any potential threat. In case threat posed is low or manageable many organizations opt for self-insurance and purchase a re-insurance cover against it. Success Stories Client Industry Client Name Information stored Breach Incident Insurance Coverage HealthCare Partner s Healthcare Health care records, personal details, credit card payment details (130 Million USD) Employee left records of 192 Massachusetts General Hospital patients on an MBTA train. Separate cyber insurance coverage was purchased, instead of relying on an umbrella policy. The hospital paid a 1 million USD fine to the US Department of Health and Human Services, which was covered by the cyber insurance. Client Industry Client Name Information stored Breach Incident Insurance Coverage Retail Target Personal details, credit card details Data breach of 70 million customer s credit card details. 100 million of cyber insurance, including self-insured retentions, and 65 million USD of directors and officer s liability coverage. Target is self-insured for the first 10 million USD of cyber coverage. Additional cyber insurance through: o 15 million USD of excess coverage with Ace Ltd. o 15 million USD layer with AIG Inc. o 10 million USD layer with Bermuda-based Axis Capital Holdings Ltd o 10 million USD coverage layer with AIG o Quota share for the next $40 million of cyber insurance divided among four unidentified insurers.
12 Client Industry Client Name Information stored Breach Incident Insurance Coverage Financial Services BNY Mellon Customer account details Loss of Backup Tapes containing encrypted customer details. Cyber liability insurance bought 5 years ago for 10 million USD Since purchasing the initial policy, the bank has increased limit to 50 million USD limit. Policy s coverage terms and conditions have also broadened to include victim notification of a breach. Conclusion Cyber threats are increasing globally and with enactment of various laws and regulations, various industries (existing and new) are facing enhanced risks and financial impact in case of data breaches. High premium rates and coverage exclusions were major constraints to the product s growth; insurers in recent years have increased both capacity and coverage to make the product more relevant to its buyers. Prices currently offered by insurers are much comprehensive compared to coverage s offered 10 years back when the product was launched. But with cyber related claims frequency and severity increasing in the last few years premium are expected to remain flat or increase slightly. Cyber liability insurance has become a less discretional spend in recent years. It is already a part of board discussions and with the increase in the product and supplier market maturity; it is expected to become a mandatory purchase for certain industries.
Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements
Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President
More informationDiscussion on Network Security & Privacy Liability Exposures and Insurance
Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter
More informationCYBER RISK SECURITY, NETWORK & PRIVACY
CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationCYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS
CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become
More informationCyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor
Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationJoe A. Ramirez Catherine Crane
RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract
More informationManaging Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal
Managing Cyber Threats Risk Management & Insurance Solutions Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal Overview Recent Trends and Loss Exposures Risk Management Strategies
More informationCyber/ Network Security. FINEX Global
Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationBest practices and insight to protect your firm today against tomorrow s cybersecurity breach
Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently
More informationNZI LIABILITY CYBER. Are you protected?
NZI LIABILITY CYBER Are you protected? Any business that operates online is vulnerable to cyber attacks and data breaches. From viruses and hackers to employee error and system damage, your business is
More informationMANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS
MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson
More informationISO? ISO? ISO? LTD ISO?
Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationCyber Threats and the Insurance Response
Cyber Threats and the Insurance Response Scott Reeves & Laurence Yan Munich Reinsurance Company This presentation has been prepared for the Actuaries Institute 2014 General Insurance Seminar. The Institute
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies
More informationZurich Security And Privacy Protection Policy Application
Zurich Security And Privacy Protection Policy Application COVERAGE A. AND COVERAGE F. OF THE POLICY FOR WHICH YOU ARE APPLYING IS WRITTEN ON A CLAIMS FIRST MADE AND REPORTED BASIS. ONLY CLAIMS FIRST MADE
More informationData Breach and Senior Living Communities May 29, 2015
Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs
More informationDon t Wait Until It s Too Late: Top 10 Recommendations for Negotiating Your Cyber Insurance Policy
Privacy, Data Security & Information Use Insurance Recovery & Advisory Cyber Insurance June 17, 2015 Don t Wait Until It s Too Late: Top 10 Recommendations for Negotiating Your Cyber Insurance Policy By
More informationCyber Risk Management
Cyber Risk Management A short guide to best practice Insight October 2014 So what exactly is 'cyber risk'? In essence, cyber risk means the risk connected to online activity and internet trading but also
More informationWhat would you do if your agency had a data breach?
What would you do if your agency had a data breach? 80% of businesses fail to recover from a breach because they do not know this answer. Responding to a breach is a complicated process that requires the
More informationCYBER & PRIVACY LIABILITY INSURANCE GUIDE
CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,
More informationProtecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks
Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Hacks, breaches, stolen data, trade secrets hijacked, privacy violated, ransom demands made; how can you protect your data
More informationCyber Exposure for Credit Unions
Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of
More informationCyber Liability & Data Breach Insurance Claims
Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This
More informationHow To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
More informationCyberinsurance: Insuring for Data Breach Risk
View the online version at http://us.practicallaw.com/2-588-8785 Cyberinsurance: Insuring for Data Breach Risk JUDY SELBY AND C. ZACHARY ROSENBERG, BAKER HOSTETLER LLP, WITH PRACTICAL LAW INTELLECTUAL
More informationCYBER/ NETWORK SECURITY
CYBER/ NETWORK SECURITY FINEX AUSTRALIA ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationManaging Cyber Risk through Insurance
Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes
More informationCyber Insurance as one element of the Cyber risk management strategy
Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,
More informationINFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT. October 2013. Sponsored by:
2013 INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT & October 2013 & INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT: The Third Annual Survey on the Current State of and Trends in Information
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationCyber-insurance: Understanding Your Risks
Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some
More informationBe Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance
Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance
More informationAirmic Review of Recent Developments in the Cyber Insurance Market. & commentary on the increased availability of cyber insurance products GUIDE
Airmic Review of Recent Developments in the Cyber Insurance Market & commentary on the increased availability of cyber insurance products GUIDE 1. Executive summary Airmic members have become increasingly
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationNetwork Security & Privacy Landscape
Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies
More informationDemystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature
Demystifying Cyber Insurance Jamie Monck-Mason & Andrew Hill Introduction What is cyber? Nomenclature 1 What specific risks does cyber insurance cover? First party risks - losses arising from a data breach
More informationCyber-Crime Protection
Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living
More informationData breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC
Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you
More informationSTATE of the market ON CYBER RISK
STATE of the market ON CYBER RISK TABLE OF CONTENTS The Takeaway 1 The Overview 2 Review & Outlook 5 Placements & Considerations 7 Summary 9 Notes 10 THE TAKEAWAY Year-over-year increases in the frequency
More informationEmbracing Cyber Risk: Insurance Solutions
Embracing Cyber Risk: Insurance Solutions ANZIIF Risk Rendezvous 15 Ian Pollard, Managing Director, Delta Insurance New Zealand Limited Agenda Risk Management Risk Transfer and Insurance Cyber attacks
More informationData Breach Cost. Risks, costs and mitigation strategies for data breaches
Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,
More informationAirmic review of the supply chain insurance market Review of recent developments in the supply chain insurance market
REPORT Airmic review of the supply chain insurance market Review of recent developments in the supply chain insurance market 1. Executive summary Increasingly complex supply chains, together with greater
More informationCyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029
Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a
More informationWillis Healthcare Practice 11 th Annual Forum July 10,2007. Managing and Insuring Risks in Network Privacy/Cyber Risk
Willis Healthcare Practice 11 th Annual Forum July 10,2007 Managing and Insuring Risks in Network Privacy/Cyber Risk What is Network Security & Privacy Insurance? Created to cover gaps in traditional insurance
More informationAPIP - Cyber Liability Insurance Coverages, Limits, and FAQ
APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP
More informationCyber/Information Security Insurance. Pros / Cons and Facts to Consider
1 Cyber/Information Security Insurance Pros / Cons and Facts to Consider 2 Presenters Calvin Rhodes, Georgia Chief Information Officer Ron Baldwin, Montana Chief Information Officer Ted Kobus, Partner
More informationCyber and Data Security. Proposal form
Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which
More informationYOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance
YOUR TRUSTED PARTNER IN A DIGITAL AGE A guide to Hiscox Cyber and Data Insurance 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and
More informationState of the Cyber Insurance Market
State of the Cyber Insurance Market Ten Lessons Learned From Major Retailer Breaches August 2014 Lockton Companies There has been extensive adverse publicity surrounding what has become EMILY FREEMAN Lockton
More informationCYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America
CYBER INSURANCE Cyber Insurance and Gaps in Traditional Insurance Cyber and E&O Team Willis FINEX North America Privacy & Network Security (Cyber) Insurance COVERAGE MODULES Privacy Expense Consumer Notification
More informationData breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd
Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures
More informationCoverage is subject to a Deductible
Frank Cowan Company Limited 75 Main Street North, Princeton, ON N0J 1V0 Phone: 519-458-4331 Fax: 519-458-4366 Toll Free: 1-800-265-4000 www.frankcowan.com CYBER RISK INSURANCE DETAILED APPLICATION Notes:
More informationPrivacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec
Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,
More informationCyber Risks in Italian market
Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends
More informationCyber Insurance Presentation
Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance
More informationData Privacy, Security, and Risk Management in the Cloud
Data Privacy, Security, and Risk Management in the Cloud Diana S. Hare, Associate General Counsel and Chief Privacy Counsel, Drexel University David W. Opderbeck, Counsel, Gibbons P.C. Robin Rosenberg,
More informationCAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance
Fundamentals of Cyber Risk Brad Gow June 9th, 2015 Endurance But consider the kickoff chuckle to a speech given to the Wharton School in March 1977 by Sidney Homer of Salomon Brothers, the leading bond
More informationGALLAGHER CYBER LIABILITY PRACTICE. Cyber Risk Exposures and Solutions
GALLAGHER CYBER LIABILITY PRACTICE Cyber Risk Exposures and Solutions Cyber Risk Exposures and Solutions Arthur J. Gallagher & Co. s Cyber Liability Practice has the expertise and the desire to deliver
More informationPreparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised
ACE USA Podcast Released February 3, 2010 Preparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior
More informationDon t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks
Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently
More informationPrivacy and Data Breach Protection Modular application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationSOCIAL MEDIA MOBILE DEVICES CLOUD SERVICES INTERNET OF THINGS (IOT)
INFORMATION SECURITY AND CYBER LIABILITY RISK MANAGEMENT THE FIFTH ANNUAL SURVEY ON THE CURRENT STATE OF AND TRENDS IN INFORMATION SECURITY AND CYBER LIABILITY RISK MANAGEMENT Sponsored by October 2015
More informationHit ratios are still very low for Security & Privacy coverage: What are companies waiting for?
Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations
More informationCyber Insurance: How to Investigate the Right Coverage for Your Company
6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationEnterprise PrivaProtector 9.0
IRONSHORE INSURANCE COMPANIES 75 Federal St Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING FOR A CLAIMS
More informationPolicy Considerations for Covering Special Exposures. Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium
Policy Considerations for Covering Special Exposures Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium Special exposures Coverage that targets a loss with
More informationDelaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP
Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats
More informationIRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411
IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING
More informationCyber Liability Insurance
Annual Board of Directors Conference 29 April 2014 TOC - 1 The Cyber Risk Landscape 2 Regulation Changes 3 Case Study Why to insure 4 Page 2 The Cyber Risk Landscape 2013 Lloyds Risk Index : Cyber Risk
More informationCyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:
Company or Trading Name: Address: Post Code: Telephone: E-mail: Website: Date Business Established Number of Employees Do you have a Chief Privacy Officer (or Chief Information Officer) who is assigned
More informationMichael Gaudet 2015 PHC 7/23/2015. Key Broker Challenges
Cyber 2015: The Market, Choosing Coverages and AEGIS Update Broker s Perspective Michael Gaudet Marsh FINPRO Energy, Power & Utility Industry Leader Marsh USA, Inc. Key Broker Challenges Coverage consistency
More informationCyber Security Issues - Brief Business Report
Cyber Security: Are You Prepared? This briefing provides a high-level overview of the cyber security issues that businesses should be aware of. You should talk to a lawyer and an IT specialist for a complete
More information4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015
CYBER LIABILITY AND AVIATION Presented by Hal Hunt May 3, 2015 AGENDA Introduction Leaning Objectives Threat Examples Underwriting Protection/Cyber Policy Summary 2 LEARNING OBJECTIVES Understand Key Terms
More informationCyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day
Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014
More informationBeyond Data Breach: Cyber Trends and Exposures
Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in
More informationOECD PROJECT ON CYBER RISK INSURANCE
OECD PROJECT ON CYBER RISK INSURANCE Introduction 1. Cyber risks pose a real threat to society and the economy, the recognition of which has been given increasingly wide media coverage in recent years.
More informationerisks Policyholder s Guide to Privacy & Security Breach Response Planning
erisks Policyholder s Guide to Privacy & Security Breach Response Planning Professional Indemnity Financial Institutions Directors & Officers Management Liability Medical Malpractice Media Liability Level
More informationCyber Liability Insurance Data Security, Privacy and Multimedia Protection
Page 1 of 5 Cyber Liability Insurance Data Security, Privacy and Multimedia Protection What is a Cyber Risk? Technology is advancing at such an alarming rate and business is more and more reliant on IT
More informationCyber Liability. AlaHA Annual Meeting 2013
Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages
More informationThe promise and pitfalls of cyber insurance January 2016
www.pwc.com/us/insurance The promise and pitfalls of cyber insurance January 2016 2 top issues The promise and pitfalls of cyber insurance Cyber insurance is a potentially huge but still largely untapped
More informationTHE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
More information2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: A SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN THE ASIA-PACIFIC REGION
2014 NETWORK SECURITY & CYBER RISK MANAGEMENT: A SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN THE ASIA-PACIFIC REGION April 2014 Sponsored by: 2014 Network Security & Cyber Risk Management:
More informationManaging Cyber & Privacy Risks
Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past
More informationCyber and data Policy wording
Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and
More informationWho s next after TalkTalk?
Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many
More informationNetwork Security and Data Privacy Insurance for Physician Groups
Network Security and Data Privacy Insurance for Physician Groups February 2014 Lockton Companies While exposure to medical malpractice remains a principal risk MIKE EGAN, CPCU Senior Vice President Unit
More informationCyber Liability Insurance Data Security, Privacy and Multimedia Protection
Page 1 of 5 Cyber Liability Insurance Data Security, Privacy and Multimedia Protection What is a Cyber Risk? Technology is advancing at such an alarming rate and business is more and more reliant on IT
More informationThird Annual Study: Is Your Company Ready for a Big Data Breach?
Third Annual Study: Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute
More informationCyber Risk State of the Art
Proudly presents Cyber Risk State of the Art Matthew Davies, Chubb Insurance Catherine Dowdall, Canada Post Mike Petersen, Marsh 1 Agenda 1. Who is At Risk? 2. New/Emerging Risk and Trends 3. Canada Post
More informationIs Cyber Insurance the Next Big Think? 2nd Digital Payments Summit - May 2016. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor
Is Cyber Insurance the Next Big Think? 2nd Digital Payments Summit - May 2016 Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Cromar Insurance Brokers Historical Development of Cyber (Re)Insurance
More information8 2014/2015 INSURANCE COVERAGE RENEWAL
Clause No. 8 in Report No. 12 of the was adopted, without amendment, by the Council of The Regional Municipality of York at its meeting held on June 26, 2014. 8 2014/2015 INSURANCE COVERAGE RENEWAL recommends
More informationCYBER LIABILITY INSURANCE MARKET TRENDS: SURVEY
CYBER LIABILITY INSURANCE MARKET TRENDS: SURVEY October 2015 CYBER LIABILITY INSURANCE MARKET TRENDS: SURVEY Global reinsurer PartnerRe has once again collaborated with Advisen to conduct a comprehensive
More informationPrivacy Insurance. Avoiding the HMO Experience. cyber. More Differences. By Toby Merrill
Privacy Insurance Avoiding the HMO Experience By Toby Merrill Privacy, as it relates to an individual s personally identifiable information, such as Social Security numbers, credit card and healthcare
More informationHow To Buy Cyber Insurance
10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationCyber and Privacy Risk What Are the Trends? Is Insurance the Answer?
Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More information