Cyber Liability. What School Districts Need to Know
|
|
- Pearl Atkins
- 8 years ago
- Views:
Transcription
1 Cyber Liability What School Districts Need to Know
2 Data Breaches Growing In Number Between January 1, 2008 and April 4, ,216,842 reported records containing sensitive personal information have been involved in security breaches! Source: Privacy Rights Clearinghouse A Chronology of Data Breaches Updated as of April 4,
3 Data Breaches Categories Lost or stolen laptops, computers, flash drives or other computer storage devices Backup tapes misplaced or lost in transit Hackers Rogue employees Poor business practices Internal security failures Viruses, malware Information in dumpsters 3
4 Sources of Data Breaches Privacy Rights Clearinghouse Chronology of Data Breaches 1/1/08 4/4/12 4
5 Breaches Education Sector In the First half of % of reported breaches were in the education sector and exposed 1,676,901 records. Source: Ponemon Institute and Symantec 5
6 Causes of Breaches Negligence 39% Employees Contractors Malicious/Criminal Attacks 37% External and internal System Glitches 24% Including a combination of both IT and business process failures Source: Ponemon Institute, LLC 2011 Annual Study: U.S. Cost of a Data Breach 6
7 Office Computers Stolen October 2010 Farmers Insurance San Diego, CA. Theft of office computers compromised policyholder information: names, addresses, social security numbers, telephone numbers, and drivers license numbers. 7
8 Documents in Dumpster January 2011 Thousands of MetLife client documents with names, addresses, social security numbers, birth dates, and account balances were disposed of into dumpsters when an office was moving locations. MetLife has been ordered to provide credit fraud protection for everyone affected. They were also required to pay $75,000 to the State of Illinois Director of Insurance. The error was caused by a printer malfunction. At least 50 customers reported a problem with their accounts. 8
9 Custodial Renegade December 2011 An owner of a cleaning company was arrested for stealing personal information from Eagle Harbor Country Club members. Stolen information was used to open fraudulent credit cards and bank accounts. 9
10 Hackers February 2012 DHI Mortgage of Dallas, TX became aware of a software security breach that occurred on its internet loan prequalification system. Individuals who provided their information online may have had their names, social security numbers, dates of birth, employment, and income/asset information exposed. 10
11 A Simple Mistake January 31, 2012 Ernst & Young auditor mailed a flash drive and decryption code containing information of current and former Regions Financial employees. The envelope arrived with the decryption code, but no flash drive. The data included names, info regarding 401K retirement plans, social security numbers, and possible birthdates. Regions employs about 27,000 people. 11
12 Robin Hood Hacktivists December 24, 2011 Global intelligence company Stratfor was targeted by hacktivist collective Anonymous. Data stolen included 68,000 credit card numbers (36,000 were not expired), 860,000 usernames and passwords, and 5 million s that could contain information on Fortune 500 companies who subscribe to Stratfor. Hackers claim to have made $1M in donations to charities. 12
13 Sneaky Student Evergreen Public Schools Had a data breach that cost the school district $62,000 when a former student was able to obtain an administrative login and password to the district s system. Upon obtaining these he gained access to the teach payroll system and used the bank account information it contained in order to make fraudulent charges and sign up for credit cards. 13
14 Intruder Beverton School District Lost 1,600 current and former employees personal information when an intruder stole overtime payment receipts from the district s storage sheds. In response, the district contracted a security firm who advised them to offer a years worth of credit monitoring to the affected teachers. 14
15 A Costly Oops! Seattle School District Accidentally disclosed half of their workforce s information when it included Social security numbers and home addresses in information it sent to a local teacher s union. As a result it agreed to pay for credit monitoring services to the 5,000 individuals who were affected. 15
16 Cyber Crackdown Houston School District Involved the FBI when they discovered a hacker had compromised their network and gained access to employee bank account numbers as well as student grades. After the incident the superintendent realized the serious threat that hackers pose to their information systems and put forward a plan to spend $10 $15 million dollars in order to enhance their cyber security systems. 16
17 Snatched Laptop Reynoldsburg City School District Had a laptop stolen from a network technician s car, resulting in 4,200 students personal information, including Social Security numbers, being stolen. In response, the district negotiated a contact with a credit monitoring services to provide credit monitoring for a year to all the affected students. This had an approximate cost of $46,
18 What is the Average Direct Cost After a Breach Occurs? Notification Costs Detection and Escalation Costs Other Costs Direct Cost = $59 per record Total costs average $194 per record for all industry classes Source: Ponemon Institute, LLC 2011 Annual Study: U.S. Cost of a Data Breach 18
19 Breach = Potential Cascade of Losses First Party Loss of Private Data Notification Costs Cost to Change Account Numbers Publicity Costs Third Party Customer Suits Suits from Customers alleging invasion of privacy and other causes of action Cyber Extortion Ransom Payment Other Expenses, including fees of an independent negotiator or consultant Other Suits Suits from prospective customers alleging invasion of privacy. 19
20 Where s The Coverage Commercial Crime Form? General Liability? Professional Liability Policy? D&O Liability Policy? 20
21 Surety Association Computer Crime Computer Crime Policy has three (3) major exclusions: Loss resulting directly or indirectly from theft of confidential information; Indirect or consequential loss of any nature; Potential income, including but not limited to interest and dividends. 21
22 ISO Commercial Crime Policy Computer Fraud We will pay for loss of or damage to money, securities and other property resulting directly from the use of any computer to fraudulently cause a transfer of that property from inside the premises or banking premises : To a person (other than a messenger ) outside those premises ; or To a place outside those premises. 22
23 ISO Commercial Crime Policy, cont. Other Property Any tangible property other than money and securities that has intrinsic value but does not include any property excluded under this policy. Exclusion Indirect Costs Loss that is an indirect result of any act or occurrence covered by this policy including, but not limited to, loss resulting from: 1. Your inability to realize income that you would have realized had there been no loss of or damage to money, securities or other property. 2. Payment of damages of any type for which you are legally liable. But, we will pay compensatory damages arising directly from a loss covered under this policy. 3. Payment of costs, fees or other expenses you incur in establishing either the existence or the amount of loss under this policy. 23
24 General Liability Personal Injury Coverage B Personal and Advertising Injury Liability Insuring Agreement We will pay those sums that the insured becomes legally obligated to pay as damages because of personal and advertising injury to which this insurance applies. We will have the right and duty to defend the insured against any suit seeking those damages. Personal and advertising injury means, oral or written publication, in any manner, of material that violates a person s right of privacy; Source: ISO CG
25 GL Insurers Seek to Avoid Cyberliability In a move to eliminate exposure to data breaches, insurers of general liability coverage have been excluding advertising injury and personal injury on policies of insureds who maintain a significant amount of personal and/or financial data. 25
26 D&O Liability Insurance Data breach is predominantly a corporate liability exposure. Invasion of privacy is typically excluded. Coverage for mental anguish/emotional distress is limited to employment practices claims. Public company D&O only protects the entity against claims relating to the company s securities. 26
27 Cyber Liability Insurance Coverage A risk management option that mitigates exposure to data breaches First party coverage Third party (liability) coverage 27
28 First Party Coverage Computer forensic costs Legal costs to determine legal compliance requirements Privacy notification of data breach, including credit monitoring expenses required by applicable law Crisis Management expense, including law firm and public relations firm Extortion payment and expenses E vandalism cost of blank media and cost of reproduction Business interruption coverage loss of business income during impairment of operations due to fraudulent access or transmission as to the insured s system 28
29 Computer Forensic Experts Critical to helping determine the extent of a breach and leaving breach evidence intact Computer evidence has been the smoking gun in many high profile cases Surveys show that insureds who proceed with notification prior to having forensic validation of scope of breach pay 54% more in notification costs Average fees run from $250 to $350 per hour, and time incurred depends on scope of breach 29
30 Legal Representation to Determine Compliance Requirements Notification and consumer protection laws vary from state to state as to who must be notified and the manner of notification 46 states have breach laws in place as of 2/6/2012 It is critical to have experienced counsel to review the forensic expert results, and determine appropriate notification and breach remediation actions Counsel may also be required to negotiate with regulators and state attorneys general Credit monitoring may be required by applicable state law 30
31 South Carolina Code Ann Applies to breaches of encrypted personal indentifying information in both paper and electronic records. First name or last name plus social security number, drivers license, financial account number, credit card or debit card number in combination with any required code, access code or password. Law does not require notification in the event of an unauthorized but good faith acquisition of personal indentifying information by an employee of the entity for the purposes of it s business if the personal identifying information is not used or subject to further unauthorized disclosure. 31
32 Notification Costs Maximizing coverage for notification costs is a priority, and these costs are a primary reason that organizations purchase cyber coverage There are two options for this coverage that are available: Specified dollar limit Maximum number of individuals to be notified 32
33 Claims Arising from Rogue Employees and Independent Contractors Most policies include coverage that extends to loss resulting from a breach of data that is held or processed by an independent contractor. Malicious insider breaches by employees tend to be harder to detect and remediate. The average time to contain such breaches is more than 45 days.* *Experian Data Breach Resolution Blog 33
34 Privacy and Security Insurance Coverage Third Party Coverage Broad definition of claim to include demands for monetary and non monetary relief; civil, regulatory and criminal proceedings. Coverage for loss, defense costs, punitive damages, and fines/penalties. Require coverage that extends to mental anguish and emotional distress allegations. 34
35 Cyber Liability Polices Vary Significantly Discuss your operations and all privacy and security exposures with your insurance professional. Seek broad coverage for all of your operations, including those that are decentralized. Purchase coverage that extends to your paper files, website, computers, laptops, and other peripheral devices. Consider policy limits on first party coverages, regulatory actions, fines/penalties. 35
36 Make Informed Decisions as to Risk Management Options Review technology, best practices and insurance for your optimal defense and protection. Assess your exposures, including employees, vendors, independent contractors and clients. Assess your potential costs and liabilities in connection with a breach. Understand that poor economic conditions may increase your exposure. 36
37 Don t forget the Human Element! 37
38 Contact Info Tommy Suggs President & CEO KeenanSuggsSC 38
Privacy Rights Clearing House
10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights
More informationManaging Cyber & Privacy Risks
Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past
More informationInsurance Considerations Related to Data Security and Breach in Outsourcing Agreements
Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President
More informationManaging Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec
Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics
More informationPROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS
PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS The following claim scenarios are hypothetical and are offered solely to illustrate the types of situations that may result in claims. Although sorted by industry,
More informationUnderstanding Professional Liability Insurance
Understanding Professional Liability Insurance Definition Professional liability is more commonly known as errors & omissions (E&O) and is a form of liability insurance that helps protect professional
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationSINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry
SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :
More informationData Breach and Senior Living Communities May 29, 2015
Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs
More informationCyber and CGL Insurance Coverage for Data Breach Claims
Cyber and CGL Insurance Coverage for Data Breach Claims Paula Weseman Theisen, Partner Data breach overview Definition of data breach/types Data breach costs Data breach legal claims and damages Cyber-insurance
More informationCyber Liability. AlaHA Annual Meeting 2013
Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages
More informationInternet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler
Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in
More informationCyber and Privacy Risk What Are the Trends? Is Insurance the Answer?
Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information
More informationDon t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks
Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently
More informationPrivacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014
Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014
More informationCyber-Crime Protection
Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living
More informationCyber and data Policy wording
Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and
More informationData breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd
Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More informationCyber Liability Insurance: It May Surprise You
Cyber Liability Insurance: It May Surprise You Moderator Eugene Montgomery, President & CEO Community Financial Insurance Center Panelists Antonio Trotta, Senior Claim Counsel, CNA Specialty William Heinbokel,
More informationData breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC
Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you
More informationDATA BREACH COVERAGE
THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000
More informationNetwork Security & Privacy Landscape
Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies
More information4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015
CYBER LIABILITY AND AVIATION Presented by Hal Hunt May 3, 2015 AGENDA Introduction Leaning Objectives Threat Examples Underwriting Protection/Cyber Policy Summary 2 LEARNING OBJECTIVES Understand Key Terms
More informationNetwork Security & Privacy Landscape
Network Security & Privacy Landscape Presented By: Pam Townley, AVP / Eastern Zonal Manager AIG Professional Liability Division Jennifer Bolling, Account Executive Gallagher Management Liability Division
More informationCyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029
Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a
More informationInsuring Innovation. CyberFirst Coverage for Technology Companies
Insuring Innovation. CyberFirst for Technology Companies TECHNOLOGY IS EVERYWHERE. SO ARE THE THREATS. protection that goes well beyond a traditional general liability policy. CyberFirst CyberFirst is
More informationInsurance for Data Breaches in the Hospitality Industry
The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com
More informationCyber Exposure for Credit Unions
Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of
More informationJoe A. Ramirez Catherine Crane
RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract
More information(1) Commercial Crime Insurance or Employee Fidelity Bond
INSURANCE (A) GENERAL CONSIDERATIONS This document presents the minimum insurance requirements as set forth by the United States Trustee Program (USTP). A standing trustee must purchase property insurance
More informationCyber Liability & Data Breach Insurance Claims
Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This
More informationISO? ISO? ISO? LTD ISO?
Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet
More informationINFORMATION SECURITY AND PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY COVERAGE. I. GENERAL INFORMATION Full Name:
INFORMATION SECURITY AND PRIVACY INSURANCE WITH ELECTRONIC MEDIA LIABILITY COVERAGE NOTICE: COVERAGE UNDER THIS POLICY IS PROVIDED ON A CLAIMS MADE AND REPORTED BASIS AND APPLIES ONLY TO CLAIMS FIRST MADE
More informationCYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014
CYBER LIABILITY Network Security and Privacy Bring on tomorrow May 15, 2014 1 AGENDA I. Identify Exposures II. Identify how a breach can occur III. The Coverage (Third Party Liability + First Party Losses)
More informationHow-To Guide: Cyber Security. Content Provided by
How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses
More information2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage
2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage Chris Reese Vice President, Director of Underwriting Connie Rivas Asst. Vice President, Contracts and
More informationWhy Lawyers? Why Now?
TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationBest practices and insight to protect your firm today against tomorrow s cybersecurity breach
Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently
More informationAftermath of a Data Breach Study
Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath
More informationRogers Insurance Client Presentation
Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com
More informationHow To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
More informationINFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES
INFORMATION SECURITY & PRIVACY INSURANCE WITH BREACH RESPONSE SERVICES NOTICE: INSURING AGREEMENTS I.A., I.C. AND I.D. OF THIS POLICY PROVIDE COVERAGE ON A CLAIMS MADE AND REPORTED BASIS AND APPLY ONLY
More informationCyber Risk in Healthcare AOHC, 3 June 2015
Cyber Risk in Healthcare AOHC, 3 June 2015 Kopiha Nathan, Senior Healthcare Risk Management and Data Specialist James Penafiel, Underwriting Supervisor, Insurance Operations CFPC Conflict of Interest -
More informationData Security Breaches: Learn more about two new regulations and how to help reduce your risks
Data Security Breaches: Learn more about two new regulations and how to help reduce your risks By Susan Salpeter, Vice President, Zurich Healthcare Risk Management News stories about data security breaches
More informationCyberSecurity for Law Firms
CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a
More informationPrivacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec
Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,
More informationAPIP - Cyber Liability Insurance Coverages, Limits, and FAQ
APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationCyber Risk Insurance for Agents. Frequently Asked Questions
Cyber Risk Insurance for Agents Frequently Asked Questions 1 Cyber Risk Insurance About Great American Insurance Great American Insurance Group s roots go back to 1872 with the founding of its flagship
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More informationDiscussion on Network Security & Privacy Liability Exposures and Insurance
Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter
More informationCyber Threats: Exposures and Breach Costs
Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals
More informationBeazley presentation master
The Art of Breach Management Beazley presentation master February 2008 A Brief Review of Data Breaches What is a Data Breach? Actual release or disclosure of information to an unauthorized individual/entity
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationplantemoran.com What School Personnel Administrators Need to know
plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of
More informationPolicy Considerations for Covering Special Exposures. Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium
Policy Considerations for Covering Special Exposures Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium Special exposures Coverage that targets a loss with
More informationLaptop Data Breaches: Mitigating Risks Through Encryption and Liability Insurance. By Julie Machal-Fulks and Robert J. Scott
Laptop Data Breaches: Mitigating Risks Through Encryption and Liability Insurance By Julie Machal-Fulks and Robert J. Scott Laptop Data Breaches: Mitigating Risks Through Encryption And Liability Insurance
More informationCyber Insurance Presentation
Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance
More informationCyber Risks in Italian market
Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends
More informationCyber Liability & Data Breach Insurance Claims
Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This
More informationLessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd
Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual
More informationThe Future of Data Breach Risk Management Response and Recovery. The Cybersecurity Forum April 14, 2016
The Future of Data Breach Risk Management Response and Recovery Increasing electronic product life and reliability The Cybersecurity Forum April 14, 2016 Today s Topics About Merchants Information Solutions,
More informationCYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS
CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become
More informationIRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411
IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING
More informationStudent Data Breaches: Is Your District Prepared?
Student Data Breaches: Is Your District Prepared? Colleen A. Sloan, Esq., Manager, Labor Relations and Associate School Attorney JoAnn Balazs, Director, Management Services Janell Hallgren, Manager, Policy
More informationCyber/Information Security Insurance. Pros / Cons and Facts to Consider
1 Cyber/Information Security Insurance Pros / Cons and Facts to Consider 2 Presenters Calvin Rhodes, Georgia Chief Information Officer Ron Baldwin, Montana Chief Information Officer Ted Kobus, Partner
More informationCAMBRIDGE PROPERTY & CASUALTY SPECIAL REPORT
CAMBRIDGE PROPERTY & CASUALTY SPECIAL REPORT INSURANCE COVERAGES FOR TECHNOLOGY COMPANIES This Special Report was written by Daniel P. Hale, J.D., CPCU, ARM, CRM, LIC, AIC, AIS, API. Mr. Hale is Vice President
More informationAdministrative Procedures Memorandum A1452
Page 1 of 11 Date of Issue February 2, 2010 Original Date of Issue Subject References February 2, 2010 PRIVACY BREACH PROTOCOL Policy 2197 Management of Personal Information APM 1450 Management of Personal
More informationWhat A Nonprofit Organization Needs To Know About Insurance. Susan R. Smith. Beehive Insurance Agency, Inc.
the the the GOOD UGLY BAD& What A Nonprofit Organization Needs To Know About Insurance Susan R. Smith Beehive Insurance Agency, Inc. c o n t e n t s Introduction 1 General Liability 2 Professional Liability
More informationTools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited
Tools Conference Toronto November 26, 2014 Insurance for NFP s Presented by Paul Spark HUB International HKMB Limited Topics Insurance Policies Basics Directors and Officers Liability Insurance Commercial
More informationPRIVACY BREACH MANAGEMENT POLICY
PRIVACY BREACH MANAGEMENT POLICY DM Approval: Effective Date: October 1, 2014 GENERAL INFORMATION Under the Access to Information and Protection of Privacy Act (ATIPP Act) public bodies such as the Department
More informationPrivacy and Data Breach Protection Modular application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationUnderstanding the Business Risk
AAPA Cybersecurity Seminar Andaz Savannah Hotel March 11, 2015 10:30 am Noon Understanding the Business Risk Presenter: Joshua Gold, Esq. (212) 278-1886 jgold@andersonkill.com Disclaimer The views expressed
More informationJefferson Glassie, FASAE Whiteford, Taylor & Preston
Jefferson Glassie, FASAE Whiteford, Taylor & Preston 2 * 3 PII = An individuals first name and last name or first initial and last name in combination with any one or more of the following data elements
More informationBeazley Group Beazley Breach Response. A data breach isn t always a disaster Mishandling it is.
Beazley Group Beazley Breach Response A data breach isn t always a disaster Mishandling it is. A world of risk 932.7m Personal records breached in the U.S. since 2005 3 51% The proportion of breaches attributable
More informationEnterprise PrivaProtector 9.0
IRONSHORE INSURANCE COMPANIES 75 Federal St Boston, MA 02110 Toll Free: (877) IRON411 Enterprise PrivaProtector 9.0 Network Security and Privacy Insurance Application THE APPLICANT IS APPLYING FOR A CLAIMS
More informationNonProfit 101. Notes: Session 1B: Insurance, What you do not know can hurt you! From Survivability to Sustainability. June 10, 2015 Session 1B page 1
Session 1B: Insurance, What you do not know can hurt you! Notes: June 10, 2015 Session 1B page 1 Session 1B: Insurance, What you do not know can hurt you! Notes: June 10, 2015 Session 1B page 2 June 10,
More informationA Proposal of Employee Benefits. Innovations in IDENTITY THEFT
A of Employee Benefits Innovations in IDENTITY THEFT Innovations in IDENTITY THEFT Name or Logo 2 Innovations in IDENTITY THEFT A Complete Identity Theft Solution Prevention to Prosecution Solution
More informationcyber invasions cyber risk insurance AFP Exchange
Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance
More informationIdentity Theft Security and Compliance: Issues for Business
Identity Theft Security and Compliance: Issues for Business The Facts Six Common Uses for Stolen Information Financial Criminal Medical DMV Social Security Terrorist The Facts A Chronology of Data Breaches
More informationHow to Prepare for a Data Breach
IT Forum How to Prepare for a Data Breach Expediting Response and Minimizing Losses Presentation for SURA IT Committee November 5,,2014 Laura Whitaker, Senior Research Director eab.com Getting to Know
More informationCYBER LIABILITY INSURANCE
CYBER LIABILITY INSURANCE CONTINUING EDUCATION CLASS MARCH 6, 2013 PRESENTED BY COUSINO HARRIS STEWART V. NELSON, Senior Risk Advisor Stewart.Nelson@Kapnick.com 734 929 6057 Class Objectives Understand
More informationHow To Write A Network Security Endorsement
THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. NETWORK SECURITY ENDORSEMENT INTEGRATED TECH CLAIMS MADE CLAIM EXPENSES INCLUDED WITHIN THE LIMITS OF INSURANCE This endorsement modifies
More informationTHE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationACE Advantage PRIVACY & NETWORK SECURITY
ACE Advantage PRIVACY & NETWORK SECURITY SUPPLEMENTAL APPLICATION COMPLETE THIS APPLICATION ONLY IF REQUESTING COVERAGE FOR PRIVACY LIABILITY AND/OR NETWORK SECURITY LIABILITY COVERAGE. Please submit with
More informationData Breach Cost. Risks, costs and mitigation strategies for data breaches
Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,
More informationAPPLICATION FOR TECHNOLOGY & PRIVACY PROFESSIONAL LIABILITY
APPLICATION FOR TECHNOLOGY & PRIVACY PROFESSIONAL LIABILITY GENERAL INFORMATION 1. APPLICANT NAME: 2. PHONE: 3. MAILING ADDRESS: 4. WEB ADDRESS: 5. The following officer of the Applicant is designated
More informationPrivacy Liability & Data Breach Management Nikos Georgopoulos 1 st Athens Privacy & Data Breach Management Conference
Privacy Liability & Data Breach Management Nikos Georgopoulos 1 st Athens Privacy & Data Breach Management Conference N.G. Privacy Liability Insurance Presentation to Athens 1 st Privacy & Data Breach
More informationCYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131
CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations
More informationBrief. The BakerHostetler Data Security Incident Response Report 2015
Brief The BakerHostetler Data Security Incident Response Report 2015 The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 the year of the
More informationTHE HARTFORD ASSET MANAGEMENT CHOICE sm POLICY NETWORK
THE HARTFORD ASSET MANAGEMENT CHOICE sm POLICY NETWORK SECURITY AND THEFT OF DATA COVERAGE APPLICATION Name of Insurance Company to which application is made NOTICE: THIS POLICY PROVIDES CLAIMS MADE COVERAGE.
More informationCommon Data Breach Threats Facing Financial Institutions
Last Updated: February 25, 2015 Common Data Breach Threats Facing Financial s Although exact figures are elusive, there is no question that the number of data security breaches both reported and unreported
More informationBOARD OF GOVERNORS MEETING JUNE 25, 2014
CYBER RISK UPDATE BOARD OF GOVERNORS MEETING JUNE 25, 2014 EXECUTIVE SUMMARY Cyber risk has become a major threat to organizations around the world, as highlighted in several well-publicized data breaches
More informationCyber threat reality check GLOBAL TECHNOLOGY S RISK ADVISOR SERIES TURN RISK INTO ADVANTAGE THE THREAT IS GROWING IGNORING IT CAN BE COSTLY
GLOBAL TECHNOLOGY S RISK ADVISOR SERIES TURN RISK INTO ADVANTAGE WHY COMPLACENCY IS UNWARRANTED > WHERE CYBER THREATS COME FROM > THREE STEPS TO MANAGING CYBER THREATS > Cyber threat reality check THE
More informationCyberinsurance: Insuring for Data Breach Risk
View the online version at http://us.practicallaw.com/2-588-8785 Cyberinsurance: Insuring for Data Breach Risk JUDY SELBY AND C. ZACHARY ROSENBERG, BAKER HOSTETLER LLP, WITH PRACTICAL LAW INTELLECTUAL
More informationInternet Stolen: The Fastest Growing White Collar Crime
Cyber Liability What you need to know! PRESENTED BY: GALLAGHER / CYBERRISK SERVICES MAY 2014 Most Common Reactions to Cyber Liability Questions: We don t need cyber liability coverage; we have tort immunity
More informationPRODUCT HIGHLIGHTS CYBER SECURITY LIABILITY
PRODUCT HIGHLIGHTS CYBER SECURITY LIABILITY Benefits of this Program Philadelphia Insurance Companies Cyber Security Liability program provides both First and Third Party coverage for numerous classes
More information