Cyber Liability & Data Breach Insurance Claims

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyber Liability & Data Breach Insurance Claims"

Transcription

1 Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011

2 Last year, privacy breaches ran about 1-2 per week. This year, it is more like 6-8 per week.... this study is both timely and important because it... demonstrates the real dollars that are being spent both dealing with the event as well as ultimate damages... Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Executive Summary In 2010, some 16 million confidential records were exposed through more than 662 reported security breaches, according to the national nonprofit Identity Theft Resource Center (ITRC). Most recently, in a blog post that appeared on April 26, 2011, Sony Computer Entertainment America reported a security breach of its PlayStation Network in which hackers obtained personal information on some 100+ million subscribers, resulting in a security investigation so broad it suspended business operations, and resulted in multiple class action lawsuits. In cases like Sony s, insurers will help foot the bill for the data breach an amount that has been estimated at up to $2 billion and insurers are fielding increasing numbers of data breach-related claims. Last year, privacy breaches ran about 1-2 per week. This year, it is more like 6-8 per week, says Beth Diamond, Insurance Claims Focus Group Leader for Technology, Media and Business Services at Beazley Group. Diamond says the rising numbers are the result of increased legislation and companies heightened awareness about their legal obligations to report breach incidents. That cyber security breaches are now a painful reality for organizations of all kinds, at all levels, is well established. What insurers and corporate risk managers are looking for are more effective ways to predict and prevent these incidents while developing a greater understanding of their financial implications. This NetDiligence cyber liability claims study, the first of its kind, examines where the bulk of these breaches are occurring and what kind of impact they have had on affected organizations. Major underwriters of cyber liability provided information about 117 events that occurred between 2005 and 2010, which we analyzed for emerging patterns. Among our findings: PII (personal identification information) is the most typically exposed data type, followed by PHI (personal health information). Topping the list of the most frequently breached sectors are healthcare and financial services. The average cost per breach was $2.4 million, with the majority devoted to legal services. While previous studies have shed light on data breach events through anecdotal information, this study uses actual cyber liability insurance policy reported claims to illuminate the real costs of such incidents. It is our hope that actuaries, risk managers and others working in the field of data security will use this information to properly price policies, perform more accurate risk assessment and establish better safeguards and action plans to protect themselves from data breaches. Given the recent well-publicized events, this study is both timely and important because it sheds light on what is driving these incidents, demonstrates the real dollars that are being spent both dealing with the event as 1 erisk Hub Exclusive

3 well as ultimate damages, and dispels the myth that data breach events don t carry significant damages to organizations that are affected, commented Norm Rafsol, Executive Vice President of ACE Professional Risk. About this Study For this study, we asked insurance underwriters about data breaches and the claim losses they sustained. We looked at the type of data exposed, what caused the loss, and which business sector suffered the incident. We also looked at the number of records exposed and the associated crisis services (forensics, notification, credit monitoring, and legal counsel), legal damages (defense and settlement), business interruption costs, and fines (PCI & regulatory). Lastly, we asked leaders in the industry representing insurance carriers, law firms, general counsel and cyber breach consultants to offer their insights into recent developments and trends in breach events. This report summarizes our findings for a sampling of data breach insurance claims occurring between 2005 and 2010 in a variety of industries, including airlines, consulting, education, financial services, retail, manufacturing, information technology and healthcare. Study Methodology This study, although limited, is the first of its kind, focusing on covered events and actual claims payouts. We asked the major underwriters of cyber liability to submit claims payout information based on the following criteria: The incident occurred between 2005 and 2010 The victimized organization had some form of cyber or privacy liability coverage A legitimate claim was filed We received claims information for 117 events that fit our selection criteria. Of those, 77 events included a detailed breakout of what was paid on the claim. We used our entire sampling of 117 events to analyze the type of data breached, the cause of data loss and the business sectors affected. We used the smaller sampling (77 events) to evaluate the payouts associated with the events again based on type of data breached, the cause of data loss and the business sectors affected. As a result, readers should keep in mind the following: Our sampling is a small subset of all breaches Our numbers are lower than other studies because we focused on claims payouts rather than expenses incurred by the victimized organizations Our numbers are empirical as they were supplied directly by the underwriters who paid the claims 2 erisk Hub Exclusive

4 Findings Highlights The Big Picture From our perspective, the retail sector is a large target since retailers store PII data that is not always protected... We are starting to see an uptick in emotional distress cases as a result of increased public awareness of healthcare privacy issues since the passage of HITECH. Based on the claims payout data submitted for this study, the average cost for a data breach was $2.4 million. We calculated that average using 116 of the 117 events in our sampling. The one incident we excluded from our calculation was an outlier incident: a billion dollar business interruption event. The average cost per record was $1.36 when we considered all events in our sampling. However, when we excluded outlier events (those which exposed millions of records), the average cost per record was $5.00. The number of records exposed ranged from 100 to 12 million. While the average number of records exposed was 1.7 million, the typical number of records exposed was 100,000. Legal damages represented the single largest component of costs. The average cost for legal defense was $500,000. The average legal settlement was $1 million. Crisis services represented the second largest component of costs. The average cost for crisis services, including forensics, notification, call center and legal counsel, was $800,000. Type of Data Exposed More than half of the events involved the unauthorized disclosure of PII (personally identifiable information). Approximately 75 percent of the records exposed contained credit card information. From our perspective, the retail sector is a large target since retailers store PII data that is not always protected through firewalls or encryption, says Jason Krause, Assistant Vice President, Arch Insurance. With breach events such as TJ Maxx, however, which increased awareness, this has started to change. PHI (personal health information) accounted for the second largest type of data, comprising 21 percent of breach incidents. According to Elizabeth Kim, Head of Claims for Technology, Media and Telecommunications at Hiscox USA, increased regulations such as HITECH (Health Information Technology for Economic and Clinical Health) are driving the next wave of third-party liability lawsuits. We are starting to see an uptick in emotional distress cases as a result of increased public awareness of healthcare privacy issues since the passage of HITECH, said Kim. Although crisis services associated with PII, PHI and credit card data breaches were significant, much of the costs were due to legal damages awarded. 3 erisk Hub Exclusive

5 33% of our reported data breach incidents arose from lost or stolen items like laptops, backup tapes, USB drives and smartphones with another 7% arising from lost paper documents.... Cause of Data Loss The cause of loss varied in our sampling, but ninety-five percent of the breaches were caused by one of three things: hackers, rogue employees, and loss/theft of equipment. Hackers caused 32 percent of breach events and were responsible for 75 percent of all exposed records. Industry experts concur that these incidents can be directly attributed to increased use of malware. According to Diamond, 36 percent of the attacks her claims department sees are from hackers. With a hacking event you need forensics to determine the cause. In addition, you cannot underestimate the importance of a qualified attorney to advise you on compliance, crisis management and contingency planning. Although these expenses are increasing, they are necessary, Diamond says. Malicious breaches by rogue employees due to firings, downsizing, generally poor economic conditions or the relative ease of selling stolen information are another growing area. Our findings show rogue employees to be the second largest cause of breaches, comprising 19 percent of breach events. Lastly, loss or theft is right at the top of the list. According to Meredith Schnur, Vice President, Professional Risk Group, Wells Fargo Insurance Services, In the last six months, we ve had six to ten data breach claims reported from lost thumb drives, missing laptops and missing hard copy reports. Lost or stolen equipment made up 15 percent of data breach incidents in our sampling and accounted for 10 percent of all personal records exposed. Noting slightly more frequency in this category was Richard Sheridan, a Vice President of Professional Liability Claims for ACE, who noted, 33% of our reported data breach incidents arose from lost or stolen items like laptops, backup tapes, USB drives and smartphones with another 7% arising from lost paper documents. This demonstrates that many of these incidents are not protected by firewalls and require additional physical controls as well. 4 erisk Hub Exclusive

6 Business Sectors Affected More than 60 percent of breaches in our sampling occurred in financial services, healthcare and retail. A full 88 percent (122 million) of records exposed occurred in financial services alone. Costs across business sectors were fairly spread between crisis services, legal damages and first-party losses. However, the average cost for legal damages in these incidents was significantly higher than the average cost for crisis services. Average expenses per breach for crisis services were about $200,000 per service (forensics, notification, credit monitoring, and legal counsel), while legal damages ranged between $450,000 and $1,000, erisk Hub Exclusive

7 Detailed Findings Type of Data Exposed The type of data exposed included PII (personally identifiable information such as: social security number, credit card, and address), PHI (personal health information), credit card information only, financial information, and other. PII, PHI, credit card and financial information made up almost 80 percent of the number of incidents reported with a total of 138 million exposed records. PII Data PII was exposed in 37 percent of reported incidents and accounted for 13 percent (18 million) of records exposed. In one event, a website development company disabled security elements to apply customerrequested modifications to the website. Upon completion of the maintenance, the company failed to re-install security measures resulting in a breach that went unnoticed for five months. 6 erisk Hub Exclusive

8 In another incident, two hackers cracked the computer systems of a major business research firm and subsequently obtained confidential corporate records. With the help of cyber-crime investigators, the hackers were identified, apprehended and prosecuted. The research firm spent more than $1,000,000 in investigative and public relations fees. Crisis services 31% Legal damages 65% Associated fines 4% PHI Data PHI data comprised 21 percent of reported incidents, but less than one percent (1.2 million) of records exposed. In one incident, a doctor's practice sustained a network security breach. The attacker obtained patient records, including financial information and health benefits account data. The data was resold to individuals who used benefit information to fraudulently obtain medical services. As a result, the legitimate patients sued, seeking compensation for emotional distress and other consequential damages. In addition, the legitimate patients health insurance carriers sued the doctor's practice to recover reimbursements made for fraudulently obtained health services. Crisis services Legal damages Associated fines 40% 57% 3% Credit Card Data Credit card data accounted for only 16 percent of the actual data breach claim incidents but attributed to 75 percent (104 million records) of the records exposed. In one incident, a hacker penetrated an online retailer's network security to steal credit card information from a database containing stored transaction data. The information was then used to make purchases and fraudulently obtain loans in the cardholder's name. Cardholders sued the retailer to recover their cost to repair credit and discharge fraudulent loans, while also seeking damages for emotional distress. The banks that issued the cards also sued the retailer to recover card re-issuance and cardholder notification costs. Crisis services 24% Legal damages 41% First-party losses 35% 7 erisk Hub Exclusive

9 Other Financial Data Financial data comprised four percent of the reported incidents, with approximately 10 percent (13 million) of total records exposed. Crisis services 24% In one case, an offshore ID theft ring installed spyware on a bank's network. The spyware captured confidential information, including passwords, login data and account details exchanged between the bank and its customers. Harvested data was subsequently Legal damages First-party losses 41% 35% used to deplete the customers' bank accounts and fraudulently obtain loans in their names at other banks. Customers sued the bank for consequential damages resulting from a failure to protect their private financial information. 8 erisk Hub Exclusive

10 Cause of Data Loss The cause of loss included hackers, lost or stolen equipment, rogue employees, business interruption, and staff mistakes, among others. 95 percent (132 million) of all records exposed were attributable to hackers, rogue employees, and loss/theft of equipment. Hackers Hackers caused 32 percent of the reported incidents, but 76 percent (105 million) of records exposed. In one incident, a West Coast insurance company filed a civil lawsuit for $800,000 in damages caused by a former employee who hacked into the company s computer system to access confidential information. The employee devised an "industrial espionage" scheme to obtain intellectual property and confidential data that was forwarded to competitors. In another case, a non-profit charity accepted donations that were charged to the donor's credit card. 9 erisk Hub Exclusive

11 The charity retained donor information, including credit card numbers, to support pre-authorized recurring donations. A hacker penetrated the charity's network security and copied the retained card data, which enabled an ID theft ring to withdraw funds from donors' bank accounts. The donors sued the charity to recover stolen funds and the cost to repair their credit history. Crisis services 21% Legal damages 43% First-party losses 36% Rogue Employees Rogue employees caused 19 percent of reported incidents and were responsible for 10 percent (14 million) of records exposed. A recent example involved a disgruntled employee of a Fortune 1000 firm who downloaded malicious code onto the firm s network, plus the networks of the firm s clients and vendors. The code launched confidential information into the public domain and destroyed some critical corporate applications, resulting in more than $9,000,000 in third-party claims. Crisis services 29% Legal damages 71% Loss or Theft Lost or stolen equipment accounted for 15 percent of reported incidents and 10 percent (13 million) of records exposed. In one incident, an employee of a medical college lost an ipad while traveling from a teaching hospital to the college office. The ipad contained personally identifiable information of 1,800 applicants for hospital residency. The college alerted the hospital, notified the affected individuals and contacted credit and identity monitoring services. Credit monitoring costs for the breach totaled $57,000. Crisis services 87% Legal damages 13% 10 erisk Hub Exclusive

12 Staff Mistakes Staff mistakes caused seven percent of the breach events, but accounted for only two percent (2,749) of records exposed. One such incident involved a city school, where the confidential information of 98,000 students was accidentally published on the school s website. The school hired forensic experts to determine the number of students affected and the nature of data exposed. Additionally, the school sent notification letters to all affected students and established a call center to respond to their questions and concerns. Crisis services 89% Legal damages 5% First-party losses 6% Business Interruption Business interruption incidents comprised eight percent of the breach events, yet contributed nothing to the number of records exposed. One recent example involved a computer manufacturer that used its network to control production of custom chips. A virus infected the manufacturer's network, causing the firm s computer memory chips to also be infected. Before the problem was identified, the firm shipped virus-laden chips to its customers who subsequently installed the now-malicious components in their own products. The manufacturer's customers sued, seeking to recover the costs of product recall, product replacement, legal defense and damages awarded. Costs attributed to business interruption incidents were all first-party losses. 11 erisk Hub Exclusive

13 Business Sectors Affected There were five primary business sectors impacted by data breach incidents: healthcare, financial services, retail, IT/technology and education. Approximately 96 percent (133 million) of records exposed came from these five sectors. 12 erisk Hub Exclusive

14 Healthcare Twenty-four percent of the breach incidents occurred in the healthcare sector, yet less than one percent (463,000) records were exposed. Lost or stolen equipment made up the largest percentage of healthcare incidents including misplaced medical tapes, and lost or stolen laptops and thumb drives. Rogue employees accounted for almost a quarter of the incidents, with patient records illegally being resold to identity theft rings. In one example, 40,000 records were compromised. Hacking caused roughly 20 percent of incidents, including: slandering targeted employees through intrusions, introduction of malicious software, corruption of medical records databases, and theft of benefit information for the purposes of resale. Almost 15 percent of the healthcare breaches were due to inadequate security, system glitches, or employee negligence, including an inadvertent website posting and the delivery of patient records and data. In one of the incidents, the company failed to inform, through timely notification, that a breach occurred resulting in fines levied against the company. Crisis services Legal damages Associated fines 51% 46% 3% Financial Services Although only 22 percent of reported incidents occurred in financial services, this sector accounted for 88 percent (122 million) of records exposed. Most of the breaches occurred due to hackers, lost or stolen equipment, and rogue employees. Hacker incidents involved stolen credit cards, inflated balances on pre-paid debit cards and extortion. In one incident, hackers altered the allowable balance on 200 debit cards to $300,000 (each), and then performed 12,000 withdrawal transactions at hundreds of ATMs in 10 countries over a span of two weeks. In another case, customer information was stolen from a server while in the custody of a vendor who was investigating a breach. Other breaches in financial services were due to lost or stolen equipment that contained PII information. In one such incident, an employee stole 4 million identities off a thumb drive for the purpose of resale. In another, a lost laptop contained 40,000 personal records. Crisis services Legal damages First-party losses Associated fines 43% 43% 11% 3% 13 erisk Hub Exclusive

15 Retail The retail sector accounted for 15 percent of reported breaches and seven percent (10 million) of records exposed. Breach events in this sector affected both brick-and-mortar shops and online stores. Almost half the incidents in this sector were caused by rogue employees and hackers. In one incident, a rogue employee at a large consumer reporting agency stole four million customer records for resale purposes. In another incident, hackers gained access to the computer systems of a dozen hotel locations and were able to access the names and credit card numbers Crisis services Legal damages First-party losses 11% 34% 55% of approximately 500,000 individuals. The hotel chain incurred over $1 million in crisis management-related expenses. IT/Technology Hacking represented the bulk of breach activity in this sector, with business interruption second. A British ISP shut down its entire operation after a massive DoS attack crippled its network for several days. The ISP told its customers that because its insurance would not cover the cost of bringing its servers back online, it was forced to file for bankruptcy. In another incident, a hacker overwhelmed several large websites through multiple distributed denial of service (DDoS) attacks. The culprit hijacked various First-party losses Associated fines 98% 2% computers throughout the world to bombard target servers with seemingly legitimate requests for data. Education In the education sector, 75 percent of breaches were due to staff mistakes. One breach included the accidental disbursement of students PII through website and errors. Expenses incurred included forensics, notification and credit monitoring. Legal damages for one of the cases were $250,000. Crisis services 54% Legal damages 46% 14 erisk Hub Exclusive

16 Conclusion Despite increasing awareness around cyber security and the increasing frequency of data breach events, it has been difficult to assess the cost to companies when such incidents occur, due to the lack of hard data on the subject. This study lays the groundwork for risk management professionals and insurance underwriters to understand the true impact of data insecurity. An empirical look at actual data breach events that occurred between 2005 and 2010 in organizations that had cyber or privacy liability coverage reveals that companies spent on average $2.4 million per event. The healthcare, financial and retail sectors and records containing PII, PHI and credit card information were most at risk, with hackers and rogue employees and contractors responsible for the majority of data loss. While this small sample covers only 77 data breach incidents in that five-year span, it demonstrates the areas where companies can better focus their cyber risk management practices and use these findings to guide the development of their data breach policies and action plans to guard against these events in the future. 15 erisk Hub Exclusive

17 Mark Greisiger is president of Network Standard Corp., which does business as NetDiligence, a Philadelphia-based firm that provides cyber risk assessment services for chief financial officers and risk managers to help assess whether their organizations deploy reasonable and prudent safeguards to mitigate data breach losses and liability risk. Since 2001, NetDiligence services have been used by insurers in the United States and the United Kingdom that offer data and privacy risk insurance products, providing loss control services to their insured business clients. Prior to starting NetDiligence, Mr. Greisiger worked for more than a decade directly in the insurance industry where he developed and underewrote a hacker insurance product. NetDiligence s erisk Hub web portal helps companies respond to data breaches quickly, efficiently and costeffectively. For more information, visit NetDiligence A Company of Network Standard Corporation P.O. Box 204 Gladwyne, PA erisk Hub Exclusive

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This

More information

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims NetDiligence 2013 Cyber Liability & Data Breach Insurance Claims Authored by: Mark Greisiger Sponsored by: AllClear ID Faruki Ireland & Cox PLL Kivu Consulting Introduction The third annual NetDiligence

More information

Understanding Professional Liability Insurance

Understanding Professional Liability Insurance Understanding Professional Liability Insurance Definition Professional liability is more commonly known as errors & omissions (E&O) and is a form of liability insurance that helps protect professional

More information

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS The following claim scenarios are hypothetical and are offered solely to illustrate the types of situations that may result in claims. Although sorted by industry,

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a

More information

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised ACE USA Podcast Released June 24, 2010 How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior Vice President, ACE North America Marketing

More information

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches A NetDiligence Whitepaper Mark Greisiger President NetDiligence October 2012 Cyber Liability & Data Breach

More information

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you

More information

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance Fundamentals of Cyber Risk Brad Gow June 9th, 2015 Endurance But consider the kickoff chuckle to a speech given to the Wharton School in March 1977 by Sidney Homer of Salomon Brothers, the leading bond

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

cyber invasions cyber risk insurance AFP Exchange

cyber invasions cyber risk insurance AFP Exchange Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance

More information

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Preparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised

Preparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised ACE USA Podcast Released February 3, 2010 Preparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior

More information

Cyber/ Network Security. FINEX Global

Cyber/ Network Security. FINEX Global Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Cyber Insurance: How to Investigate the Right Coverage for Your Company

Cyber Insurance: How to Investigate the Right Coverage for Your Company 6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

Cyber Liability. AlaHA Annual Meeting 2013

Cyber Liability. AlaHA Annual Meeting 2013 Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages

More information

Cyber-Crime Protection

Cyber-Crime Protection Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living

More information

The Growing Problem of Data Breaches in America

The Growing Problem of Data Breaches in America Continuity Insights The Growing Problem of Data Breaches in America Today s Questions to Cover 1. What is a Data Breach? 2. How Significant is the Problem? 3. How Do Thieves Steal the Data? 4. How Does

More information

Cyber Insurance: How to Investigate the

Cyber Insurance: How to Investigate the 10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

Privacy Rights Clearing House

Privacy Rights Clearing House 10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

Cyber Risks in Italian market

Cyber Risks in Italian market Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

plantemoran.com What School Personnel Administrators Need to know

plantemoran.com What School Personnel Administrators Need to know plantemoran.com Data Security and Privacy What School Personnel Administrators Need to know Tomorrow s Headline Let s hope not District posts confidential data online (Tech News, May 18, 2007) In one of

More information

Information Security Addressing Your Advanced Threats

Information Security Addressing Your Advanced Threats Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?

More information

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Risks and Insurance Solutions Malaysia, November 2013 Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP

More information

DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT

DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT Advisor Article DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT By James R. Carroll, David S. Clancy and Christopher G. Clark* Skadden, Arps, Slate, Meagher & Flom Customer data security

More information

Updates within Network Security and Privacy Risk Management

Updates within Network Security and Privacy Risk Management Updates within Network Security and Privacy Risk Management RIMS Minneapolis Meeting Melissa Krasnow, Partner, Dorsey & Whitney LLP (Minneapolis, MN) Mario Paez, Midwest Practice Leader for Tech., Privacy,

More information

Cyber and CGL Insurance Coverage for Data Breach Claims

Cyber and CGL Insurance Coverage for Data Breach Claims Cyber and CGL Insurance Coverage for Data Breach Claims Paula Weseman Theisen, Partner Data breach overview Definition of data breach/types Data breach costs Data breach legal claims and damages Cyber-insurance

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Cyber/Information Security Insurance. Pros / Cons and Facts to Consider

Cyber/Information Security Insurance. Pros / Cons and Facts to Consider 1 Cyber/Information Security Insurance Pros / Cons and Facts to Consider 2 Presenters Calvin Rhodes, Georgia Chief Information Officer Ron Baldwin, Montana Chief Information Officer Ted Kobus, Partner

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

CYBER SECURITY SPECIALREPORT

CYBER SECURITY SPECIALREPORT CYBER SECURITY SPECIALREPORT 32 The RMA Journal February 2015 Copyright 2015 by RMA INSURANCE IS AN IMPORTANT TOOL IN CYBER RISK MITIGATION Shutterstock, Inc. The time to prepare for a potential cyber

More information

CYBER CLAIMS STUDY SPONSORED BY:

CYBER CLAIMS STUDY SPONSORED BY: 2 0 1 5 CYBER CLAIMS STUDY SPONSORED BY: TABLE OF CONTENTS Introduction....................................... 1 Key Findings....................................... 3 A Look at the Overall Dataset..............................

More information

Cyber Security Best Practices

Cyber Security Best Practices Cyber Security Best Practices 1. Set strong passwords; Do not share them with anyone: They should contain at least three of the five following character classes: o Lower case letters o Upper case letters

More information

2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage

2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage 2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage Chris Reese Vice President, Director of Underwriting Connie Rivas Asst. Vice President, Contracts and

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

10 Smart Ideas for. Keeping Data Safe. From Hackers

10 Smart Ideas for. Keeping Data Safe. From Hackers 0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000

More information

2011 Data Breach Notifications Report

2011 Data Breach Notifications Report 2011 Data Breach Notifications Report December 2011 2011 Report on Data Breach Notifications History, Laws and Regulations On October 31, 2007, the Commonwealth s Data Security Breach Law, Mass. Gen. Law

More information

Cybersecurity Workshop

Cybersecurity Workshop Cybersecurity Workshop February 10, 2015 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. 150 West Main Street, Suite 2100 Norfolk, VA 23510 (757) 624-3153

More information

LIGC-ACC Presentation November 9, 2015

LIGC-ACC Presentation November 9, 2015 Bryan Frank, DDIS Info Sec Corp, panelist Jennifer M. Mone, Deputy General Counsel, Hofstra University, panelist Keith J. Frank, Partner, Forchelli, Curto, Deegan, Schwartz, Mineo & Terrana,. LLP, moderator

More information

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently

More information

Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID

Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation By Marc Ostryniec, vice president, CSID The increase in volume, severity, publicity and fallout of recent data breaches

More information

Understanding. your Cyber Liability coverage

Understanding. your Cyber Liability coverage Understanding your Cyber Liability coverage TEXAS MEDICAL LIABILITY TRUST 901 S. Mopac Expressway Barton Oaks Plaza V, Suite 500 Austin, TX 78746-5942 P.O. Box 160140 Austin, TX 78716-0140 800-580-8658

More information

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE

SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Privacy and Data Breach Protection Modular application form

Privacy and Data Breach Protection Modular application form Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while

More information

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,

More information

CYBER RISK SECURITY, NETWORK & PRIVACY

CYBER RISK SECURITY, NETWORK & PRIVACY CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread

More information

Beyond Data Breach: Cyber Trends and Exposures

Beyond Data Breach: Cyber Trends and Exposures Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in

More information

Cyberinsurance: Insuring for Data Breach Risk

Cyberinsurance: Insuring for Data Breach Risk View the online version at http://us.practicallaw.com/2-588-8785 Cyberinsurance: Insuring for Data Breach Risk JUDY SELBY AND C. ZACHARY ROSENBERG, BAKER HOSTETLER LLP, WITH PRACTICAL LAW INTELLECTUAL

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

ISO? ISO? ISO? LTD ISO?

ISO? ISO? ISO? LTD ISO? Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet

More information

Beazley presentation master

Beazley presentation master The Art of Breach Management Beazley presentation master February 2008 A Brief Review of Data Breaches What is a Data Breach? Actual release or disclosure of information to an unauthorized individual/entity

More information

Data Security 101. Christopher M. Brubaker. A Lawyer s Guide to Ethical Issues in the Digital Age. cbrubaker@clarkhill.com

Data Security 101. Christopher M. Brubaker. A Lawyer s Guide to Ethical Issues in the Digital Age. cbrubaker@clarkhill.com Data Security 101 A Lawyer s Guide to Ethical Issues in the Digital Age Christopher M. Brubaker cbrubaker@clarkhill.com November 4-5, 2015 Pennsylvania Bar Institute 21 st Annual Business Lawyers Institute

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

Embracing Cyber Risk: Insurance Solutions

Embracing Cyber Risk: Insurance Solutions Embracing Cyber Risk: Insurance Solutions ANZIIF Risk Rendezvous 15 Ian Pollard, Managing Director, Delta Insurance New Zealand Limited Agenda Risk Management Risk Transfer and Insurance Cyber attacks

More information

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in

More information

CYBER/ NETWORK SECURITY

CYBER/ NETWORK SECURITY CYBER/ NETWORK SECURITY FINEX AUSTRALIA ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over

More information

Cybercrime: Protecting Your Digital Assets in Today's Threat Landscape

Cybercrime: Protecting Your Digital Assets in Today's Threat Landscape Cybercrime: Protecting Your Digital Assets in Today's Threat Landscape Presented by Rachel Ratcliff OM03 Saturday, 10/5/2013 9:30 AM - 10:45 AM Cybercrime: Protecting Your Digital Assets in Today s Threat

More information

Cyber Insurance as one element of the Cyber risk management strategy

Cyber Insurance as one element of the Cyber risk management strategy Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,

More information

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual

More information

Anatomy of a Privacy and Data Breach

Anatomy of a Privacy and Data Breach Anatomy of a Privacy and Data Breach Understanding the Risk and Managing a Crisis Adam Kardash: Partner, Heenan Blaikie LLP Robert Parisi: Senior Vice President, Marsh Leadership, Knowledge, Solutions

More information

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST Protecting Identities. Enhancing Reputations. IDT911 1 DATA BREACHES AND SUBSEQUENT IDENTITY THEFT AND FRAUD THREATEN YOUR ORGANIZATION

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

T H E R E A L C O S T O F A D ATA B R E A C H

T H E R E A L C O S T O F A D ATA B R E A C H T H E R E A L C O S T O F A D ATA B R E A C H Hosted by AllClear ID www.allclearid.com/business WELCOME // QUICK NOTES Presentation is being recorded and will be available within 2-3 business days at www.allclearid.com/business

More information

Cyber Liability. What you need to know! PRESENTED BY: GALLAGHER / CYBERRISK SERVICES MAY 2014 2013 ARTHUR J. GALLAGHER & CO.

Cyber Liability. What you need to know! PRESENTED BY: GALLAGHER / CYBERRISK SERVICES MAY 2014 2013 ARTHUR J. GALLAGHER & CO. Cyber Liability What you need to know! PRESENTED BY: GALLAGHER / CYBERRISK SERVICES MAY 2014 Most Common Reactions to Cyber Liability Questions: We don t need cyber liability coverage; we have tort immunity

More information

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What

More information

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues

Privacy Data Loss. Privacy Data Loss. Identity Theft. The Legal Issues Doing Business in Oregon Under the Oregon Consumer Identity Theft Protection Act and Related Privacy Risks Privacy Data Loss www.breachblog.com Presented by: Mike Porter March 10, 2009 2 Privacy Data Loss

More information

Cyber Risk in Healthcare AOHC, 3 June 2015

Cyber Risk in Healthcare AOHC, 3 June 2015 Cyber Risk in Healthcare AOHC, 3 June 2015 Kopiha Nathan, Senior Healthcare Risk Management and Data Specialist James Penafiel, Underwriting Supervisor, Insurance Operations CFPC Conflict of Interest -

More information

Insuring Innovation. CyberFirst Coverage for Technology Companies

Insuring Innovation. CyberFirst Coverage for Technology Companies Insuring Innovation. CyberFirst for Technology Companies TECHNOLOGY IS EVERYWHERE. SO ARE THE THREATS. protection that goes well beyond a traditional general liability policy. CyberFirst CyberFirst is

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

CyberSecurity for Law Firms

CyberSecurity for Law Firms CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a

More information

Identifying Cyber Risks and How they Impact Your Business

Identifying Cyber Risks and How they Impact Your Business 10 December, 2014 Identifying Cyber Risks and How they Impact Your Business David Bateman, Partner, K&L Gates, Seattle Sasi-Kanth Mallela, Special Counsel, K&L Gates, London Copyright 2013 by K&L Gates

More information

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015

Cybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 Cybersecurity: A Growing Concern for All Businesses RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 RLI Design Professionals is a Registered Provider with The American

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Beazley Group Beazley Breach Response. A data breach isn t always a disaster Mishandling it is.

Beazley Group Beazley Breach Response. A data breach isn t always a disaster Mishandling it is. Beazley Group Beazley Breach Response A data breach isn t always a disaster Mishandling it is. A world of risk 932.7m Personal records breached in the U.S. since 2005 3 51% The proportion of breaches attributable

More information

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015 CYBER LIABILITY AND AVIATION Presented by Hal Hunt May 3, 2015 AGENDA Introduction Leaning Objectives Threat Examples Underwriting Protection/Cyber Policy Summary 2 LEARNING OBJECTIVES Understand Key Terms

More information

Discussion on Network Security & Privacy Liability Exposures and Insurance

Discussion on Network Security & Privacy Liability Exposures and Insurance Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter

More information

I ve been breached! Now what?

I ve been breached! Now what? I ve been breached! Now what? THE AFTERMATH OF A BREACH & STEPS TO REDUCE RISK The number of data breaches in the United States in 2014 hit a record high. And 2015 is not looking any better. There have

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

CYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America

CYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America CYBER INSURANCE Cyber Insurance and Gaps in Traditional Insurance Cyber and E&O Team Willis FINEX North America Privacy & Network Security (Cyber) Insurance COVERAGE MODULES Privacy Expense Consumer Notification

More information

Insurance for Data Breaches in the Hospitality Industry

Insurance for Data Breaches in the Hospitality Industry The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com

More information

A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge. Sponsored by

A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge. Sponsored by A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge Sponsored by ABOUT ZURICH INSURANCE GROUP Zurich Insurance Group (Zurich) is a leading multi-line insurance provider

More information

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become

More information

ENTIRE CONTENTS COPYRIGHT CRAIN COMMUNICATIONS INC. ALL RIGHTS RESERVED.

ENTIRE CONTENTS COPYRIGHT CRAIN COMMUNICATIONS INC. ALL RIGHTS RESERVED. ENTIRE CONTENTS COPYRIGHT CRAIN COMMUNICATIONS INC. ALL RIGHTS RESERVED. INTRODUCTION While cyber risks long have been associated with e-commerce firms, any firm that holds confidential information in

More information

What Data? I m A Trucking Company!

What Data? I m A Trucking Company! What Data? I m A Trucking Company! Presented by: Marc C. Tucker 434 Fayetteville Street, Suite 2800 Raleigh, NC, 27601 919.755.8713 marc.tucker@smithmoorelaw.com Presented by: Rob D. Moseley, Jr. 2 West

More information