THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
|
|
- Eustace Peters
- 8 years ago
- Views:
Transcription
1 THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit MARSH
2 CYBER RISK: TRENDS AND SOLUTIONS SEPTEMBER 2013
3 CYBER RISKS: TRENDS AND SOLUTIONS CYBER RISK OVERVIEW Cyber Risk Segmentation 1. The harm caused by the insured 2. The harm that befalls the insured 3. Regulatory Requirements Stipulated by the government One event can trigger a loss that involves multiple risks. MARSH 2
4 CYBER RISKS: TRENDS AND SOLUTIONS CYBER RISK AND SUPPLY CHAINS Technology outages outpaced adverse weather in Data breaches and cyber attacks collectively were more disruptive than fire and civil unrest. MARSH 3
5 CYBER RISK CYBER INSURANCE POLICIES Cyber insurance policies: Fill many of the gaps in traditional insurance. Provide direct loss and liability protection for risks created by the use of technology and data in an organization s day-to-day operations. Risks Coverage Traditional Policies Cyber & Privacy Policy Legal liability to others for privacy breaches Privacy Liability: Harm suffered by others due to the disclosure of confidential information Legal liability to others for computer security breaches Network Security Liability: Harm suffered by others from a failure of your network security Loss or damage to data/information Property Loss: The value of data stolen, destroyed, or corrupted by a computer attack Loss of revenue due to a computer attack Loss of Revenue: Business income that is interrupted by a computer attack Extra expense to recover/respond to a computer attack Cyber Extortion: The cost of investigation and the extortion demand Loss or damage to reputation Identity theft Expenses resulting from identity theft Privacy notification requirements Cost to comply with privacy breach notification statues Regulatory actions Legal defense for regulatory actions Not typically covered May be covered Typically covered MARSH 4
6 CYBER RISKS: TRENDS AND SOLUTIONS CYBER RISK INSURANCE EVOLUTION Cyber insurance policies are able to address: Protection for claims arising from a failure of computer security to prevent or mitigate a computer attack. Protection for claims arising from a disclosure or mishandling of confidential information whether electronic or hard copy. Protection for the intentional acts of rogue employees and vicarious liability for a privacy breach by third-party vendors or business process outsourcing firms. Coverage for defense of regulatory actions, including affirmative coverage for assessed fines and penalties. Cyber policies can also include a fund for public relations and crisis management in connection with a crisis event relating to a failure of computer security or breach of privacy. MARSH 5
7 CYBER RISKS: TRENDS AND SOLUTIONS MIDSIZE BUSINESS EXPOSURE TO CYBER RISK Five things every small business should know about cyber crime: 1. Any size organization can fall victim. 2. Small businesses manage information that is of interest to cyber criminals. 3. Cyber criminals unleash 3.5 new threats every second targeting small businesses. 4. Compliance is costly, but noncompliance is costlier and can serve as a window to cybercrime. 5. As small businesses move to the cloud, cyber criminals are not far behind. Source: Trend Micro Inc. MARSH 6
8 CYBER RISKS: TRENDS AND SOLUTIONS CHANGING THREAT ENVIRONMENT Evolution of Cybercrime MARSH Copyright 2013 Trend Micro Inc. 7
9 CYBER RISKS: TRENDS AND SOLUTIONS TARGETED ATTACK TACTICAL TRENDS 1. Social and political events will be harbingers of attacks. 2. Localized attacks such as malware that will not execute unless certain conditions are met, such as language settings or even only specific netblocks. 3. The malware used in targeted attacks will have destructive capacity, either as its primary intent or as a cleanup mechanism to cover the attackers tracks. MARSH Copyright 2013 Trend Micro Inc. 8
10 CYBER RISK: TRENDS AND SOLUTIONS INSURANCE OPTIONS FOR MIDSIZE COMPANIES Insurance solutions have changed dramatically for midsize companies. Insurers have adapted products to fit the needs of all size companies. For example, crisis team approach for midsized firms. Easier for midsize organizations to apply for coverage. Still work to be done Marsh focused on breadth of coverage. Midsize organizations lack some of the bargaining clout, expertise, and time to negotiate terms and conditions. Marsh creating a platform to take advantage of coverage enhancements. MARSH 9
11 CYBER RISK: TRENDS AND SOLUTIONS RESPONDING TO A CYBER ATTACK: INITIAL STEPS NIST Depiction of Incident Response Life Cycle (NIST rev 2) MARSH 10
12 CYBER RISK: TRENDS AND SOLUTIONS RESPONDING TO A CYBER ATTACK: INITIAL STEPS Accurately identify scope and scale of incident. Contain the incident by immediately remediating vulnerabilities that facilitated the attack. Neutralize (but not necessarily destroy) malicious code. Remediate damage and recover from the breach and return to normal operations as quickly as possible. Review lessons learned. MARSH 11
13 CYBER RISK: TRENDS AND SOLUTIONS RESPONDING TO A CYBER ATTACK: DATA ANALYSIS External Data Breach Analysis Should Seek to Ascertain: The initial entry-point of the intruder. How long the intruder had access to victim s system. What areas of the network the intruder accessed. What, if any, sensitive information could have been exposed. What legal obligations arise from the breach. MARSH 12
14 CYBER RISK: TRENDS AND SOLUTIONS COMMON MISSTEPS IN ATTACK RESPONSE 1. Concluding that a breach has occurred before an investigation has been conducted. Investigation may reveal that the company has suffered an intrusion but that no breach of sensitive information has occurred. 2. Failure to preserve, collect, and analyze critical evidence. Companies often overlook log data and fail to collect vital information from volatile memory both of which can be key to accurately understanding the scope and scale of a breach. 3. Inability to accurately define the scope of the exposure. Initial assumptions can be misleading. It is important to determine whether data was actually lost or subjected to unauthorized access. A thorough investigation helps establish the universe of data that was compromised. MARSH 13
15 CYBER RISK: TRENDS AND SOLUTIONS COMMON MISSTEPS IN ATTACK RESPONSE 4. Ineffective communication between technology and legal staff. First responders can unknowingly damage or destroy critical information. It is important to collect and preserve evidence in the process of containing the event. 5. Rushing to notify before the full scope of the breach has been confirmed. 6. Failure to apply lessons learned from the event to prevent future incidents. Updating IRPs, performing vulnerability assessments, providing training these will help to improve data security posture. MARSH 14
16 CYBER RISK: TRENDS AND SOLUTIONS BUSINESS CONTINUITY Cyber-Related Business Interruption Risks: Public website outages. Customer portal outages. Internal operations systems disruption. Supply chain disruptions. Communication system disruption. Cleansing/replacing infected IT equipment. MARSH 15
17 CYBER RISKS: TRENDS AND SOLUTIONS BUSINESS CONTINUITY Risk Exposure Category Outage Power 2.25 Capacity 9 Internet Service 3 Risk Elements DOS Attack Physical Damages Upgrade/ Maintenance 4 CPE Outage 5.25 Performance Latency 6 Capacity congestion 8.75 Product Functionality 4 Compliance Global expansion 4 Industry standards 2 Unpr. reg. framework 4 Commercial Agreements 5.25 Data Breach Regulated Loss / corrupted 6 Leakage / compromise 10 Collection practices 9 Data Breach Non Regulated Loss / corrupted 4 Leakage / compromise 4 Collection practices 3 Integrity / Security Security design 5 Response to event 3.5 Lack of new capabilities 2 Lack of patches 5 Security coding 5 Malware 3.75 Infrastructure complexity 2 Relative Risk Exposure Spectrum and Scoring Scale Lowest Risk Exposure Lower Risk Exposure Medium Risk Exposure Higher Risk Exposure Highest Risk Exposure Scoring Scale (refer to appendix for details) Impact (1-5); Frequency (1-5) Risk = Impact x Frequency (1-25) MARSH 16
18 CYBER RISK: TRENDS AND SOLUTIONS INDUSTRY ISSUES Some industries with significant amount of activity: - Financial institutions (due to sheer volume). - Retail. - Hospitality. - Communication, media, and technology. MARSH 17
19 CYBER RISK: TRENDS AND SOLUTIONS PRE-LOSS ASSESSMENTS The potential financial exposures uncovered by pre-loss studies allow firms to assess the path towards managing the risk. Assess scenarios. Determine strength of contingency plans. Consider redundancies / improved network security and continuity. Desktop and professional studies: Understand financial exposure. Value stream mapping. Anticipated maximum business interruption loss (AMBIL) Ensure sufficient risk transfer: Property, cyber, fraud, and other insurance. Eliminate gaps in coverage. Know your exclusions. MARSH 18
20 CYBER RISKS: TRENDS AND SOLUTIONS MAKING AN INSURANCE CLAIM: COVERAGE Coverage Identify policy(ies) or endorsements that apply. Know your loss trigger (causation). You may receive a Reservation of Rights letter. Don t be shocked. Cyber losses can be difficult adjustments. Insurers will have their team amassed much more than an adjuster: Engineers to establish scope of loss and causation. Attorneys to support policy positions. Forensic accountants to audit claim. MARSH 19
21 CYBER RISKS: TRENDS AND SOLUTIONS MAKING AN INSURANCE CLAIM: QUANTIFICATION No Quantification For any material loss, best to retain experienced claim preparer. Many policies contain professional fees or claim preparation coverage that will reimburse for this expertise. Adjusters have their team of experts you need to put same expertise on your side of the table. You know your business: Forensic accounting claim preparers know proper measurement approach and the overall claim process. MARSH 20
22 CYBER RISKS: TRENDS AND SOLUTIONS MARSH FACS TYPICAL CLAIM PREPARATION PROCESS MARSH 21
23 CYBER RISKS: TRENDS AND SOLUTIONS MARSH FACS TYPICAL CLAIM PREPARATION PROCESS MARSH 22
24 This document and any recommendations, analysis, or advice provided by Marsh (collectively, the Marsh Analysis ) are not intended to be taken as advice regarding any individual situation and should not be relied upon as such. This document contains proprietary, confidential information of Marsh and may not be shared with any third party, including other insurance producers, without Marsh s prior written consent. Any statements concerning actuarial, tax, accounting, or legal matters are based solely on our experience as insurance brokers and risk consultants and are not to be relied upon as actuarial, accounting, tax, or legal advice, for which you should consult your own professional advisors. Any modeling, analytics, or projections are subject to inherent uncertainty, and the Marsh Analysis could be materially affected if any underlying assumptions, conditions, information, or factors are inaccurate or incomplete or should change. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Except as may be set forth in an agreement between you and Marsh, Marsh shall have no obligation to update the Marsh Analysis and shall have no liability to you or any other party with regard to the Marsh Analysis or to any services provided by a third party to you or Marsh. Marsh makes no representation or warranty concerning the application of policy wordings or the financial condition or solvency of insurers or reinsurers. Marsh makes no assurances regarding the availability, cost, or terms of insurance coverage. Marsh is one of the Marsh & McLennan Companies, together with Guy Carpenter, Mercer, and Oliver Wyman. MA Copyright 2013 Marsh Inc. All rights reserved. USDG 5657
Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?
Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationInsurance Considerations Related to Data Security and Breach in Outsourcing Agreements
Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President
More informationMARSH REPORT October 2015. International Business Resilience Survey 2015
MARSH REPORT October 2015 International Business Resilience Survey 2015 CONTENTS October 2015 CONTENTS 3 Introduction 4 Non-traditional risks top concerns, both in terms of likelihood and impact 7 Insurance
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationMANAGEMENT AND PROFESSIONAL LIABILITY INSURANCE
U.S. FINPRO MANAGEMENT AND PROFESSIONAL LIABILITY INSURANCE ALTERNATIVE INVESTMENT FUNDS/HEDGE FUNDS In turbulent economic times, the importance of a well designed management and professional liability
More informationHEADWINDS FOR CALIFORNIA WORKERS COMPENSATION: TAKING THE HELM
HEADWINDS FOR CALIFORNIA WORKERS COMPENSATION: TAKING THE HELM February 2012 Colleen Britz Managing Director Tom Cammann Managing Director Jay Wesley Managing Director Los Angeles, CA Headwinds for California
More informationSINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry
SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :
More informationCOMPENSATION GUIDE FOR US CLIENTS
COMPENSATION GUIDE FOR US CLIENTS ABOUT MARSH Marsh is a global leader in insurance broking and risk management. Marsh helps clients succeed by defining, designing, and delivering innovative industry-specific
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationManaging Cyber Risk through Insurance
Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes
More informationCYBER & PRIVACY LIABILITY INSURANCE GUIDE
CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,
More informationSUSTAINING THE PROFESSIONAL: PROTECTING YOUR ASSETS
SUSTAINING THE PROFESSIONAL: PROTECTING YOUR ASSETS AUGUST 2, 2013 Denise K. Gibson, RPLU Vice President Graham M. Fuller Senior Vice President Urbandale, Iowa Marsh US Consumer, a service of Seabury &
More informationISO? ISO? ISO? LTD ISO?
Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet
More informationHOW TO REIN IN WORKERS COMPENSATION COSTS. October 2013
HOW TO REIN IN WORKERS COMPENSATION COSTS October 2013 COST DRIVERS: PREMIUMS AND CLAIMS COSTS Insurers pushing for workers compensation rate increases. Especially risks with unfavorable loss experience
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More informationInternet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler
Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationData Breach and Senior Living Communities May 29, 2015
Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationMarsh Private Client Life Insurance Services 10 REASONS TO REVIEW YOUR LIFE INSURANCE TODAY
Marsh Private Client Life Insurance Services 10 REASONS TO REVIEW YOUR LIFE INSURANCE TODAY 1. HAVE YOUR NEEDS CHANGED? Is the original reason you purchased your policies still applicable? Often, the need
More informationCyber Insurance Presentation
Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance
More informationCyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor
Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection
More informationData breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC
Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationPROCUREMENT AND THE INSURANCE INDUSTRY WHAT YOU NEED TO KNOW NOVEMBER 2015
PROCUREMENT AND THE INSURANCE INDUSTRY WHAT YOU NEED TO KNOW NOVEMBER 2015 National Practice Leader Public Entity Corporate Insurance Topics to be discussed: Corporate Insurance understanding the difference
More informationManaging Cyber & Privacy Risks
Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past
More informationcyber invasions cyber risk insurance AFP Exchange
Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance
More informationManaging Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013
More informationCyber/ Network Security. FINEX Global
Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationCYBER SECURITY SPECIALREPORT
CYBER SECURITY SPECIALREPORT 32 The RMA Journal February 2015 Copyright 2015 by RMA INSURANCE IS AN IMPORTANT TOOL IN CYBER RISK MITIGATION Shutterstock, Inc. The time to prepare for a potential cyber
More informationExercising Your Enterprise Cyber Response Crisis Management Capabilities
Exercising Your Enterprise Cyber Response Crisis Management Capabilities Ray Abide, PricewaterhouseCoopers, LLP 2015 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved.
More informationRecent Court Rulings May Affect Protection Responsibilities
FINPRO Practice april 2013 Recent Court Rulings May Affect Companies Cyber and Data Protection Responsibilities Contents: Krottner v. starbucks corp. page 2 Clapper v. amnesty international page 3 Amgen,
More informationDATA BREACH COVERAGE
THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000
More informationCyber Insurance: How to Investigate the Right Coverage for Your Company
6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationMANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS
MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson
More informationCyber Risk Insurance for Agents. Frequently Asked Questions
Cyber Risk Insurance for Agents Frequently Asked Questions 1 Cyber Risk Insurance About Great American Insurance Great American Insurance Group s roots go back to 1872 with the founding of its flagship
More informationCyber Exposure for Credit Unions
Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of
More informationWORKERS COMPENSATION WEBCAST SERIES CREATING SAFER WORKPLACES AND REDUCING COSTS THROUGH PREDICTIVE ANALYTICS AND TECHNOLOGY
WORKERS COMPENSATION WEBCAST SERIES CREATING SAFER WORKPLACES AND REDUCING COSTS THROUGH PREDICTIVE ANALYTICS AND TECHNOLOGY KEY WORKERS COMPENSATION AND WORKPLACE SAFETY OBJECTIVES FOR EMPLOYERS Employers
More informationOHIO ASSOCIATION OF COMMUNITY COLLEGES
OHIO ASSOCIATION OF COMMUNITY COLLEGES RISK MANAGEMENT AND INSURANCE PROGRAM Launched November 1, 2011 OACC is right for you if: You want to lower your total cost of risk; You want broader coverages, loss
More informationPrivacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec
Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,
More informationEnterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security
Enterprise Security Governance Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Governance and Organisational Model Risk Mgmt & Reporting Digital Risk & Security
More informationData breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd
Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures
More informationISO General Liability Form Revisions
ISO General Liability Practice ISO General Liability Form Revisions Effective April 1, 2013 Content: caveats page 2 background page 2 exclusion c: liquor liability page 2 exclusion G: Aircraft, auto, or
More informationAPIP - Cyber Liability Insurance Coverages, Limits, and FAQ
APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP
More informationOctober 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches
October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title
More informationCYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS
CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become
More informationCyber Threats: Exposures and Breach Costs
Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals
More informationOCIE Technology Controls Program
OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview
More informationConstruction Webinar October 16, 2012. Stewart Roberts Claims Manager
Construction Webinar October 16, 2012 Stewart Roberts Claims Manager CURIE Property Policy 4.3 PROPERTY EXCLUDED This policy does not apply to: a) motor vehicles licensed for regular highway use b) New
More informationPrivacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014
Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014
More informationInsurance implications for Cyber Threats
Lillehammer Energy Claims Conference Lillehammer March 7, 2014 Insurance implications for Cyber Threats How enterprises need to prepare for the inevitable JLT is one of the world s largest providers of
More informationINSURANCE MARKETS AND RISK TRENDS IN 2014 JANUARY 2014
JANUARY 2014 UNITED STATES INSURANCE MARKET REPORT 2014 For a copy of Marsh s US Insurance Market Report 2014, please visit marsh.com or ask your Marsh representative. AVERAGE PROPERTY RATE CHANGES ALL
More informationHow To Buy Cyber Insurance
10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationwww.pwc.co.uk Cyber security Building confidence in your digital future
www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in
More informationDiscussion on Network Security & Privacy Liability Exposures and Insurance
Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter
More informationAnatomy of a Privacy and Data Breach
Anatomy of a Privacy and Data Breach Understanding the Risk and Managing a Crisis Adam Kardash: Partner, Heenan Blaikie LLP Robert Parisi: Senior Vice President, Marsh Leadership, Knowledge, Solutions
More informationWhite Paper on Financial Institution Vendor Management
White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety
More informationBe Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance
Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance
More informationData Security Incident Response Plan. [Insert Organization Name]
Data Security Incident Response Plan Dated: [Month] & [Year] [Insert Organization Name] 1 Introduction Purpose This data security incident response plan provides the framework to respond to a security
More informationMARINE CARGO CLAIMS GUIDEBOOK
Marsh Canada Limited MARINE CARGO CLAIMS GUIDEBOOK TO REPORT A CLAIM PLEASE GO TO WWW.MARSHCARGO.COM MARINE CARGO CLAIMS GUIDEBOOK i Marine Cargo Claims Guidebook This booklet has been prepared as a guide
More informationU.S. Casualty Practice U.S. Construction Practice. November 2012. NY Labor Law 240
U.S. Casualty Practice U.S. Construction Practice November 2012 NY Labor Law 240 NOVEMBER 2012 Scaffold Law Pressures Contractors in New York New York s so-called Scaffold Law Labor Law 240 has created
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationHit ratios are still very low for Security & Privacy coverage: What are companies waiting for?
Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations
More informationJoe A. Ramirez Catherine Crane
RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract
More informationPractical Cyber Law: Why the Standard of Care Requires Lawyers to Have a Basic Understanding of Cyber Insurance
Practical Cyber Law: Why the Standard of Care Requires Lawyers to Have a Basic Understanding of Cyber Insurance By Shawn Tuma & Katti Smith Data breaches have become far more common than most people realize.
More informationCyber Liability. AlaHA Annual Meeting 2013
Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages
More informationBeyond Data Breach: Cyber Trends and Exposures
Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in
More informationData Privacy and Gramm- Leach-Bliley Act Section 501(b)
Data Privacy and Gramm- Leach-Bliley Act Section 501(b) October 2007 2007 Enterprise Risk Management, Inc. Agenda Introduction and Fundamentals Gramm-Leach-Bliley Act, Section 501(b) GLBA Life Cycle Enforcement
More informationDON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS?
HEALTH WEALTH CAREER DON T BE A VICTIM! IS YOUR INVESTMENT PROGRAM PROTECTED FROM CYBERSECURITY THREATS? Gregg Sommer, CAIA Head of Operational Risk Assessments St. Louis MERCER 2015 0 CYBERSECURITY BREACHES
More informationCyber Risks in Italian market
Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends
More informationInformation Security Incident Management Policy and Procedure. CONTROL SHEET FOR Information Security Incident Management Policy
Bolsover District Council North East Derbyshire District Council & Rykneld Homes Ltd Information Security Incident Management Policy September 2013 Version 1.0 Page 1 of 13 CONTROL SHEET FOR Information
More informationAPPLICATION FOR TECHNOLOGY & PRIVACY PROFESSIONAL LIABILITY
APPLICATION FOR TECHNOLOGY & PRIVACY PROFESSIONAL LIABILITY GENERAL INFORMATION 1. APPLICANT NAME: 2. PHONE: 3. MAILING ADDRESS: 4. WEB ADDRESS: 5. The following officer of the Applicant is designated
More informationDATA BREACH, NETWORK SECURITY, CYBER LIABILITY, PRIVACY PROTECTION: ARE YOU INSURED?
DATA BREACH, NETWORK SECURITY, CYBER LIABILITY, PRIVACY PROTECTION: ARE YOU INSURED? February 3, 2012 Steve Brown, Agency Manager West Virginia Medical Insurance Agency How many in the audience today will
More informationCYBER RISK SECURITY, NETWORK & PRIVACY
CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread
More informationMEASURING AND MITIGATING REPUTATIONAL RISK SEPTEMBER 2014
SEPTEMBER 2014 DEFINING REPUTATIONAL RISK WHAT DO WE MEAN BY AN ORGANIZATION S REPUTATION? Everything an organization does or says creates an indelible impression in the minds of its key stakeholders senior
More informationCyber Risk State of the Art
Proudly presents Cyber Risk State of the Art Matthew Davies, Chubb Insurance Catherine Dowdall, Canada Post Mike Petersen, Marsh 1 Agenda 1. Who is At Risk? 2. New/Emerging Risk and Trends 3. Canada Post
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationRogers Insurance Client Presentation
Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com
More informationCyber-Crime Protection
Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living
More informationHow To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
More informationFINAL May 2005. Guideline on Security Systems for Safeguarding Customer Information
FINAL May 2005 Guideline on Security Systems for Safeguarding Customer Information Table of Contents 1 Introduction 1 1.1 Purpose of Guideline 1 2 Definitions 2 3 Internal Controls and Procedures 2 3.1
More information2009 HIMSS Analytics Report: Evaluating HITECH s Impact on Healthcare Privacy and Security
2009 HIMSS Analytics Report: Evaluating HITECH s Impact on Healthcare Privacy and Security Commissioned by ID Experts November 2009 INTRODUCTION Healthcare breaches are on the rise; according to the 2009
More informationUSING DATA DISCOVERY TO MANAGE AND MITIGATE RISK: INSIGHT IS EVERYONE S JOB
USING DATA DISCOVERY TO MANAGE AND MITIGATE RISK: INSIGHT IS EVERYONE S JOB If you manage risk in your organization, you re probably surrounded by paper right now. After all, you need reports to help mitigate
More informationADVANCED CYBER ATTACKS ON GLOBAL ENERGY FACILITIES
MARSH RISK MANAGEMENT RESEARCH ADVANCED CYBER ATTACKS ON GLOBAL ENERGY FACILITIES MARCH 2014 CONTENTS 1 PROTECTING ENERGY FACILITIES AGAINST GROWING CYBER RISKS 2 ENERGY SECTOR TARGETED DISPROPORTIONATELY
More information2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage
2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage Chris Reese Vice President, Director of Underwriting Connie Rivas Asst. Vice President, Contracts and
More informationCyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?
Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies
More informationCyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day
Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies
More informationLaw Firm Cyber Security & Compliance Risks
ALA WEBINAR Law Firm Cyber Security & Compliance Risks James Harrison CEO, INVISUS Breach Risks & Trends 27.5% increase in breaches in 2014 (ITRC) Over 500 million personal records lost or stolen in 2014
More informationDelaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP
Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats
More informationPolicy Considerations for Covering Special Exposures. Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium
Policy Considerations for Covering Special Exposures Claire Lee Reiss Program Director National League of Cities Risk Information Sharing Consortium Special exposures Coverage that targets a loss with
More informationData Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked
Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Linda Vincent, R.N., P.I., CITRMS Vincent & Associates Founder The Identity Advocate San Pedro, California The opinions expressed
More informationTop Ten Technology Risks Facing Colleges and Universities
Top Ten Technology Risks Facing Colleges and Universities Chris Watson, MBA, CISA, CRISC Manager, Internal Audit and Risk Advisory Services cwatson@schneiderdowns.com April 23, 2012 Overview Technology
More informationThe potential legal consequences of a personal data breach
The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.
More informationCyber Risks in the Boardroom
Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing
More informationCyber Security Issues - Brief Business Report
Cyber Security: Are You Prepared? This briefing provides a high-level overview of the cyber security issues that businesses should be aware of. You should talk to a lawyer and an IT specialist for a complete
More informationStandard: Information Security Incident Management
Standard: Information Security Incident Management Page 1 Executive Summary California State University Information Security Policy 8075.00 states security incidents involving loss, damage or misuse of
More information