Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh
|
|
- Jason Stevenson
- 8 years ago
- Views:
Transcription
1 Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh
2 Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat? To what extent do European organisations have a clear and documented understanding of their cyber risk profile and how can this be improved? Where are the gaps in knowledge and data that might impair an organisation s ability to make informed risk transfer choices? Are the insurance products available meeting client demand or is the insurance market developing a product that clients do not believe they need? 2
3 How important is cyber risk and how should we view the cyber threat? 3
4 Importance of cyber risk? Context National Level UK Attacks in cyberspace can have a potentially devastating real-world effect. Government, military, industrial, and economic targets, including critical services, could feasibly be disrupted by a capable adversary. National Security Strategy, October
5 Importance of cyber risk? Context National Level USA Despite ever-improving network defenses, the diverse possibilities for remote hacking intrusions, supply chain operations to insert compromised hardware or software, and malevolent activities by human insiders will hold nearly all ICT systems at risk for years to come. In short, the cyber threat cannot be eliminated; rather, cyber risk must be managed. Senate Armed Services Committee, February
6 Importance of cyber risk Context European Cyber Risk Survey 2015 Where does cyber risk feature in the corporate risk register? Top five risk. Top ten risk. Outside the top 10. Not on the corporate risk register 25% 17% 28% 30% The fact that over half of all organisations surveyed do not have cyber risk within the top 10 items on the risk register would suggest a divergence from the government view. 6
7 To what extent do European organisations have a clear and documented understanding of their cyber risk profile and how can this be improved? 7
8 Understanding of Cyber Risk Context European Cyber Risk Survey 2015 To what extent do you believe your organisation has a clear understanding of its exposure to cyber risk? 21% 4% 26% No understanding. Limited understanding. Basic understanding. Complete understanding. 49% 79% of organisations reported that they have, at best, a basic understanding of their cyber risk profiles. 8
9 Understanding of Cyber Risk Context European Cyber Risk Survey 2015 The fact that only slightly more than half (57%) of respondents have identified one or more cyber scenarios that could most affect their organisations would suggest that the lack of a complete understanding and absence/low positioning of cyber on the risk register is, for many companies, filtering through to a lack of definition around specific scenarios that might impact their business. Have you identified one or more cyber scenarios that could most affect your organisation? No Yes 9
10 Understanding Cyber Risk Context European Cyber Risk Survey 2015 Ireland UK Poland Italy Spain Austria & CEE Russia Cyprus Germany Netherlands Sweden Portugal France Denmark Switzerland Turkey Belgium Total Europe 11% 68% 56% 62% 76% 44% 66% 50% 70% 65% 58% 75% 39% 67% 75% 71% 65% 86% 93% 22% 11% 19% 6% 30% 8% 8% 15% 12% 3% 8% 9% 10% 17% 3% 15% 15% 8% 9% 5% 33% 5% 6% 24% 11% 11% 5% 7% IT function including security. Board. Risk management. IT departments continue to take primary responsibility for cyber risk in the majority (65%) of organisations. 10
11 Understanding Cyber Risk Marsh/HM Government, UK Cyber Security Report Taxonomy 11
12 Understanding Cyber Risk Marsh/HM Government, UK Cyber Security Report Risk Profile for a Large Business Insurer View 12
13 Understanding Cyber Risk Scenario Gathering Process Set parameters Which group companies, business divisions are in scope? Malicious events versus non-malicious events. Map the IT value chain. Gather exposure data Single day workshop. Structured interviews. Questionnaire. Select from a menu. Refine to create risk scenarios for material exposures Amalgamate common/similar items. Write up as a scenario that can be considered for quantification. Remove immaterial items, reallocate any that don t fit parameters. 13
14 Understanding Cyber Risk Scenario Example Actor Criminal Motivation Acquisition of payment card details Means of access Remote via internet Point of attack Point of sale devices Damage Investigation/response costs PCI fines and assessments Regulatory (ICO) fines and costs Civil compensation claims o Banks o Customers o Shareholders Reputational income loss 14
15 Where are the gaps in knowledge and data that might impair an organisation s ability to make informed risk transfer choices? 15
16 Preparedness for Risk Transfer 1. An understanding of the event that is to trigger an insurance. 2. An appreciation of the likely quantum. 3. An appreciation as to the likely frequency of the triggering event. 16
17 Preparedness for Risk Transfer Context European Cyber Risk Survey 2015 The majority of UK 15% organisations Poland 12% Turkey (68%) have not Switzerland yet made any Sweden 9% Spain attempt to Russia estimate/calculate Portugal 5% 5% Netherlands 10% loss estimates Italy 14% making it difficult Ireland to direct mitigation efforts to areas of most potential Germany France Denmark Cyprus 13% 10% harm. Belgium 6% Austria & CEE 17% 25% 5% 14% 25% 22% 20% 4% 6% 14% 10% 4% 8% 10% 11% 5% 8% 4% 2% 4% 33% 5% 10% 15% 16% 10% 24% 6% 7% 6% 25% 30% 100% 100% 25% 73% 75% 78% 75% 77% 66% 70% 67% 75% 61% 62% 56% 65% 50% 25% EUR1 million or below. EUR1 million to EUR2 million. EUR2 million to EUR5 million. EUR5 million and above. No loss estimates made. 17
18 Preparedness for Risk Transfer Expert Judgement Scale Description Financial Reputation Service / Operations 1 Negligible 2 Significant 3 Major 4 Catastrophic <$1m (max of 1% EBITDA) $1m-$4.9m (max of 4% EBITDA) $5m-$8.9m (max of 8% EBITDA) >$9m (exceeds 8% EBITDA) Public concern restricted to local complaints Minor adverse local/public/ media attention and complaints Serious negative national or regional criticism Prolonged international, regional & national condemnation Insignificant fall in service quality, limited interruption to partnerships, insignificant effect on service standards Minor fall in service quality, interruption to partnerships, some minor service standards are not met Major fall in service quality, major partnerships deteriorating, ongoing serious disruption in service standards Catastrophic fall in service quality, failure of several major partnerships, complete failure in service standards 18
19 Preparedness for Risk Transfer Expert Judgement 19
20 Are the insurance products available meeting client demand or is the insurance market developing a product that clients do not believe they need? 20
21 Suitability of Insurance Products Context European Cyber Risk Survey 2015 The insurance market continues to address the issues that represent organisations greatest concerns. 21
22 Suitability of Insurance Products Context European Cyber Risk Survey 2015 The insurance market appears to be innovating in the right direction to address the primary concern of risk managers. 22
23 Suitability of Insurance Products Context European Cyber Risk Survey 2015 Over half (57%) of respondents admit to the insurances available. having insufficient knowledge in order to assess 23
24 Is this a conscious decision not to purchase following a thorough evaluation of the available insurance products or are companies not yet in a position to approach the market due to a lack of risk profiling in their own organisations? Suitability of Insurance Products The Insurance Communications Gap 24
25 Further Reading 25
26 Navigating Cyber Risk Exposure and Insurance Thank you This PowerPoint presentation is based on sources we believe reliable and should be understood to be general risk management and insurance information only,. The information contained herein is based on sources we believe reliable and should be understood to be general risk management and insurance information only. The information is not intended to be taken as advice with respect to any individual situation and cannot be relied upon as such. In the United Kingdom, Marsh Ltd is authorised and regulated by the Financial Conduct Authority. Copyright 2015 Marsh Ltd All rights reserved
27 Thanks for your support! LIVING AND WORKING IN A RISKIER WORLD PROFESSION INNOVATION DIVERSITY
28 Cyber Insurance Update: Policy Basics First Party Coverage Business Interruption Loss of First Party Data Cyber Extortion Customer Notification Expenses Reputational Damages Third Party Coverage Network Security Liability Privacy Liability Multimedia Liability Loss of Third Party Data 28
29 Cyber Insurance Update: Coverage Trends Contingent Business Interruption Administrative Costs Coverage Regulatory Fines and Penalties Coverage Emergency Costs Crime Coverage Bodily Injury / Property Damage Extensions Cyber Exclusions under Traditional Property & Casualty Policies 29
30 Cyber Insurance Trends: Evolving Cyber Proposition Product Proposition 30
31 Cyber Insurance Update: Post-Breach Remediation 31
32 Cyber Insurance Update: Post-Breach Remediation 1 hour 2-5 hours Notification to Incident Manager 24/7/365 Incident Manager appoints specialists 5-24 hours hours Specialist/s investigations / discussions underway Specialists initial reports Incident Manager appointed Triage Call with all stakeholders Stakeholder update conference call/s Stakeholder update conference call/s Incident Manager First call with Insured Next steps and actions agreed Immediate mitigations if appropriate Clear Discovery Plan emerges Clear Solution Plan emerges
33 Cyber Insurance Update: Pre-Breach Services Risk Assessments Contractual and Regulatory / Legal Review Analysis of Security & Privacy Practices Systems Monitoring Incident Response Planning Business Continuity Enhancement 33
34 70% Cyber Insurance Update: Purchasing Trends 60% 50% 40% 30% 20% U.S. Europe Asia 10% 0% Source: Zurich / Advisen Information Security & Cyber Liability Risk Management Reports for U.S. and Europe;
35 Thanks for your support!
36 Cyber risks, a view from the industry Philippe COTELLE Head of Insurance Risk Management
37 A new industrial revolution Where the aeronautic industry had been so a century ago this is how we see this in the coming decade : 37
38 38
39 Cyber risks exposure Internet : a tool allowing the sharing of information between people in order to create an open world Difficulties to protect companies and their datas from the outside. 39
40 What are the obstacles to a good assessment of our cyber risks? Wrong perception Confidentiality Reputation 40
41 SPICE initiative (Scenario Planning to Identify Cyber Exposure) A program for Business impact analysis on disaster scenarios affecting our operational capabilities related to a cyber-event Gathering representatives of all the functions as well as IT and IM Security to overcome 3 hurdles : Explain to the operational people that we need them Address the security issue with extreme care, Be prepared to openly discuss some potential scenarios of exposure. No company shall assume that it is impossible to be hacked. 41
42 Scenario identification Focus on disaster scenarios clear hypothesis Scenarios identification 42
43 Assessing financial costs Assessing financial cost of each scenario Split scenarios in 4 different phases Simplify the list of impacted functions Compute over/under charge per scenario, per phase 22 Financial costs Scenario x Phase A Phase B Phase C Security Breach Detection 88 Phase D Security Breach Crisis Remediation Investments Vigilance
44 Assessing financial costs Lessons learned NUMBERS are related to our financial exposure There is no final number The objective is to reach a consensus: acceptable by everyone valid for our analysis 44
45 Evaluate probability of occurence Quantify the technical probability of success of a scenario to occur For each step of a given scenario, identify technical ways to proceed Rate each step with a probability of occurrence (using internal probability scale) Assessment performed by the local Information Management Security APT Kill Chain description used in the technical threat scenario 45
46 Evaluate probability of occurrence Lessons learned Same method but different numbers!? 2 different approaches: Given the defence systems in place, in order to be successful the attacker should gather so many different skills and resources that this was very unlikely to be plausible. As such the probabilities were therefore very low. Need an homogeneous approach Associate to each scenario the type of hacker and their motives If an attacker was seriously considering hacking a major company, then this must be a very strong organisation which in itself should have gathered all those unique skills and resources. Therefore their probabilities were more important. 46
47 Next Steps Provide a rationale for mitigation strategy Risk identification Risk Assessment Risk Response Cost of implementing IT security Justify the interest of the transfer to insurance both for coverage and premium budget IT investment and mitigation measures to reduce the probability and severity of occurrence insurance then becomes complementary (and not competitive) to IT measures and can be an efficient financial tool IT Investment make sense to mitigate the exposure Insurance Premium cost is efficient % of Mitigation 47
48 Challenges The process needs to be performed regularly and be as exhaustive as possible a strategy allowing to manage the roll out of this process across the entire organisation, products and countries an efficient process manageable with the operational teams 48
49 Challenges The insurance market needs as well to face several challenges : Conditions of dialog with the insurers Problem of reputation in case of a claim Claim settlement 49
50 Conclusion Our mission to support technological development and to develop the conditions of securing and mitigating the unavoidable risks that such opportunities generate. Cybersecurity is one of the key priority for Airbus Group A dedicated entity: Airbus DS Cybersecurity Its products and services are also offered to external companies to fight against cyber threats. Active Cyber risk management is a key message towards external stakeholders. Standards for cyber risk assessment will be necessary 50
51 Don t forget! Your evaluation and comments are the only way for FERMA to obtain information in order to improve the quality of the sessions Please fill in the documents given to you by our hostesses Or Use the mobile application and earn points for the Leaderboard game! 51
52 Thank you! 52
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationCyber/ Network Security. FINEX Global
Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationSecurity & Privacy Current cover and Risk Management Services
Security & Privacy Current cover and Risk Management Services Introduction Technological advancement has enabled greater working flexibility and increased methods of communications. However, new technology
More informationTHE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS
THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.
More informationInsurance Considerations Related to Data Security and Breach in Outsourcing Agreements
Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President
More informationCyber-insurance: Understanding Your Risks
Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some
More informationManaging Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal
Managing Cyber Threats Risk Management & Insurance Solutions Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal Overview Recent Trends and Loss Exposures Risk Management Strategies
More informationCyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor
Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection
More informationCSP WORKSHOP CYBER INSURANCE FROM A BROKER S PERSPECTIVE
CSP WORKSHOP CYBER INSURANCE FROM A BROKER S PERSPECTIVE 27 April 2015 Stephen Wares Cyber Risk Practice Leader EMEA London (Tower Place) Corporate Risk Profile Insurer Opinion Insurance Communication
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationCyber Risks in Italian market
Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends
More informationRogers Insurance Client Presentation
Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com
More informationDemystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature
Demystifying Cyber Insurance Jamie Monck-Mason & Andrew Hill Introduction What is cyber? Nomenclature 1 What specific risks does cyber insurance cover? First party risks - losses arising from a data breach
More informationCyber Insurance Presentation
Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance
More informationOn the European experience in critical infrastructure protection
DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV ratchevv@yahoo.com @ratchevv DCAF/CSDM 1 This presentation
More informationCYBER RISK SECURITY, NETWORK & PRIVACY
CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread
More informationNational Corporate Practice. Cyber risks explained what they are, what they could cost and how to protect against them
National Corporate Practice Cyber risks explained what they are, what they could cost and how to protect against them what this briefing covers ff Introduction ff Section 1: What are the risks and the
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationHit ratios are still very low for Security & Privacy coverage: What are companies waiting for?
Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations
More informationNew environmental liabilities for EU companies
New environmental liabilities for EU companies The ELD applies to all businesses that operate within the EU, even if the parent company is located outside of the EU. The ELD applies to all businesses,
More informationAchieving Global Cyber Security Through Collaboration
Achieving Global Cyber Security Through Collaboration Steve Purser Head of Core Operations Department December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Agenda
More informationCommercial Non-Life Insurance Brokers in Europe
Commercial Non-Life Insurance Brokers in Europe Report Prospectus August 2014 Web: www.finaccord.com. E-mail: info@finaccord.com 1 Prospectus contents Page What is the research? What methodology has been
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies
More informationSenate Committee on Commerce, Science, and Transportation March 19, 2015, Hearing Examining the Evolving Cyber Insurance Marketplace
Senate Committee on Commerce, Science, and Transportation March 19, 2015, Hearing Examining the Evolving Cyber Insurance Marketplace Testimony of Ben Beeson Vice President, Cyber Security and Privacy Lockton
More informationORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT
2 OECD RECOMMENDATION OF THE COUNCIL ON THE PROTECTION OF CRITICAL INFORMATION INFRASTRUCTURES ORGANISATION FOR ECONOMIC CO-OPERATION AND DEVELOPMENT The OECD is a unique forum where the governments of
More informationData security: A growing liability threat
Data security: A growing liability threat Data security breaches occur with alarming frequency in today s technology-laden world. Even a comparatively moderate breach can cost a company millions of dollars
More informationCyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:
Company or Trading Name: Address: Post Code: Telephone: E-mail: Website: Date Business Established Number of Employees Do you have a Chief Privacy Officer (or Chief Information Officer) who is assigned
More informationAgenda. Agenda. The UK Liability Crisis Richard Bulmer. Is there a crisis? International perspective OFT/DWP reports Where do we go from here?
The UK Liability Crisis Richard Bulmer Current Issues in General Insurance 26 April 2004 Agenda Is there a crisis? International perspective OFT/DWP reports Where do we go from here? Agenda Is there a
More informationCYBER & PRIVACY LIABILITY INSURANCE GUIDE
CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,
More informationEnd-to-End Cyber Risk Management Solutions from AIG
End-to-End Cyber Risk Management Solutions from AIG In a rapidly changing landscape, CyberEdge provides clients with an end-to-end risk management solution to stay ahead of the curve of cyber risk. CyberEdge
More informationAdvanced Threats in Retail Companies: A Study of North America & EMEA
Advanced Threats in Companies: A Study of North America & EMEA Sponsored by Arbor Networks Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report
More informationCyber Risk and the Utility Industry
Cyber Risk and the Utility Industry Imran Ahmad Lawyer, Cassels Brock & Blackwell LLP Canadian Legal Landscape Personal Information Protection and Electronic Documents Act (PIPEDA) Federal legislation
More informationBe Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance
Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationCyber and Data Security. Proposal form
Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which
More informationwww.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14
www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the
More informationWho s next after TalkTalk?
Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many
More informationwww.bonddickinson.com Cyber Risks October 2014 2
www.bonddickinson.com Cyber Risks October 2014 2 Why this emerging sector matters Justin Tivey Legal Director T: +44(0)845 415 8128 E: justin.tivey The government estimates that the current cost of cyber-crime
More informationRISK MANAGEMENT FOR INFRASTRUCTURE
RISK MANAGEMENT FOR INFRASTRUCTURE CONTENTS 1.0 PURPOSE & SCOPE 2.0 DEFINITIONS 3.0 FLOWCHART 4.0 PROCEDURAL TEXT 5.0 REFERENCES 6.0 ATTACHMENTS This document is the property of Thiess Infraco and all
More informationThe promise and pitfalls of cyber insurance January 2016
www.pwc.com/us/insurance The promise and pitfalls of cyber insurance January 2016 2 top issues The promise and pitfalls of cyber insurance Cyber insurance is a potentially huge but still largely untapped
More informationAon Risk Solutions Global Risk Consulting Captive & Insurance Management. Cyber risk and the captive market - a match made in the cloud?
Aon Risk Solutions Global Risk Consulting Captive & Insurance Management Cyber risk and the captive market - a match made in the cloud? With increasing news coverage of cyber-attacks and despite indications
More informationMARSH REPORT October 2015. International Business Resilience Survey 2015
MARSH REPORT October 2015 International Business Resilience Survey 2015 CONTENTS October 2015 CONTENTS 3 Introduction 4 Non-traditional risks top concerns, both in terms of likelihood and impact 7 Insurance
More informationUK 2015 Cyber Risk Survey Report
INSIGHTS UK 2015 Cyber Risk Survey Report June 2015 CONTENTS 1 Introduction 2 Work still to be done in terms of awareness/ ownership of cyber risk 5 Lack of data continues to prevent companies from adequately
More informationDATA BREACH, NETWORK SECURITY, CYBER LIABILITY, PRIVACY PROTECTION: ARE YOU INSURED?
DATA BREACH, NETWORK SECURITY, CYBER LIABILITY, PRIVACY PROTECTION: ARE YOU INSURED? February 3, 2012 Steve Brown, Agency Manager West Virginia Medical Insurance Agency How many in the audience today will
More informationBest practices and insight to protect your firm today against tomorrow s cybersecurity breach
Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently
More informationHow To Protect Your Data From Hackers
Cyber Risk: What you need to know and what you can t afford to ignore! James Johnston Directors' and Officers' Insurance Underwriter Daniel Fletcher Cyber Insurance Underwriter Financial & Specialty Markets
More informationCyber Threats and the Insurance Response
Cyber Threats and the Insurance Response Scott Reeves & Laurence Yan Munich Reinsurance Company This presentation has been prepared for the Actuaries Institute 2014 General Insurance Seminar. The Institute
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationSINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry
SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :
More informationDistributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015
Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015 Today s Agenda What are we talking about today? What is Risk Evolution of risk management Understand the importance of Risk
More informationPrivacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec
Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,
More informationInsurance implications for Cyber Threats
Lillehammer Energy Claims Conference Lillehammer March 7, 2014 Insurance implications for Cyber Threats How enterprises need to prepare for the inevitable JLT is one of the world s largest providers of
More informationLessons from Defending Cyberspace
Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationCyber Insurance: How to Investigate the Right Coverage for Your Company
6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationAon Risk Solutions Aon Crisis Management. Crisis Management Consulting Terrorism Probable Maximum Loss (PML) Studies
Aon Risk Solutions Crisis Management Consulting Terrorism Probable Maximum Loss (PML) Studies A terrorist incident at or near your operations, could result in human casualties, property damage, business
More informationManaging Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationBriefing note. Survey of environmental liability insurance developments
Briefing note Survey of environmental liability insurance developments June 2014 Introduction This paper responds to the consideration by the European Commission (EC) of a possible EU-wide compulsory insurance
More informationInsurance for Data Breaches in the Hospitality Industry
The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com
More informationCYBER-RISK MANAGEMENT WHY HACKERS COULD CAUSE THE NEXT GLOBAL CRISIS RAJ BECTOR CLAUS HERBOLZHEIMER SANDRO MELIS ROBERT PARISI
CYBER-RISK MANAGEMENT WHY HACKERS COULD CAUSE THE NEXT GLOBAL CRISIS RAJ BECTOR CLAUS HERBOLZHEIMER SANDRO MELIS ROBERT PARISI In recent months, cyber terrorists have accessed the records of 21.5 million
More informationInsights: Data Protection and the Cloud Europe
Insights: Data Protection and the Cloud Europe September 11 we can Table of Contents Executive Summary Page 3 Further Information Page 3 Key findings Page 4 Vertical sector findings Page 4 Investment in
More informationBeyond Data Breach: Cyber Trends and Exposures
Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in
More informationCAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance
Fundamentals of Cyber Risk Brad Gow June 9th, 2015 Endurance But consider the kickoff chuckle to a speech given to the Wharton School in March 1977 by Sidney Homer of Salomon Brothers, the leading bond
More informationOffice of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS)
Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) PSCR Public Safety Broadband Stakeholder Conference June 4 th, 2014 Alex Kreilein Technology Policy Strategist Office
More informationCyber Insurance as one element of the Cyber risk management strategy
Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,
More informationCyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?
Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies
More informationRISK Risk managers voice their reservations about cyber risk, from safeguarding client data to cyber insurance frameworks
CYBER RISK Risk managers voice their reservations about cyber risk, from safeguarding client data to cyber insurance frameworks In association with SPECIAL REPORT > CYBER What s holding cyber insurance
More informationNational Cyber Security Strategies
May 2012 National Cyber Security Strategies About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is
More informationCyber Risk Management
Cyber Risk Management A short guide to best practice Insight October 2014 So what exactly is 'cyber risk'? In essence, cyber risk means the risk connected to online activity and internet trading but also
More informationPrivacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014
Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014
More informationCyber ROI. A practical approach to quantifying the financial benefits of cybersecurity
Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9
More informationManaging Cyber Risk through Insurance
Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationCYBER/ NETWORK SECURITY
CYBER/ NETWORK SECURITY FINEX AUSTRALIA ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationCyber Security Issues - Brief Business Report
Cyber Security: Are You Prepared? This briefing provides a high-level overview of the cyber security issues that businesses should be aware of. You should talk to a lawyer and an IT specialist for a complete
More informationThe Legal Pitfalls of Failing to Develop Secure Cloud Services
SESSION ID: CSV-R03 The Legal Pitfalls of Failing to Develop Secure Cloud Services Cristin Goodwin Senior Attorney, Trustworthy Computing & Regulatory Affairs Microsoft Corporation Edward McNicholas Global
More informationOctober 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches
October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title
More informationCare Providers Protecting your organisation, supporting its success. Risk Management Insurance Employee Benefits Investment Management
Care Providers Protecting your organisation, supporting its success Risk Management Insurance Employee Benefits Investment Management Care providers are there to help those in need. But who helps the care
More informationPrivileged user management
Privileged user management vv It s time to take control Bob Tarzey, Analyst and Director, Quocirca Ltd Introduction The data presented is based on 270 telephone interviews with organisations across Europe
More informationCYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION
CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by
More informationMichael Gaudet 2015 PHC 7/23/2015. Key Broker Challenges
Cyber 2015: The Market, Choosing Coverages and AEGIS Update Broker s Perspective Michael Gaudet Marsh FINPRO Energy, Power & Utility Industry Leader Marsh USA, Inc. Key Broker Challenges Coverage consistency
More informationCyber Risk State of the Art
Proudly presents Cyber Risk State of the Art Matthew Davies, Chubb Insurance Catherine Dowdall, Canada Post Mike Petersen, Marsh 1 Agenda 1. Who is At Risk? 2. New/Emerging Risk and Trends 3. Canada Post
More informationCyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen
Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or
More informationWhat would you do if your agency had a data breach?
What would you do if your agency had a data breach? 80% of businesses fail to recover from a breach because they do not know this answer. Responding to a breach is a complicated process that requires the
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationHow To Buy Cyber Insurance
10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)
More informationAirmic Review of Recent Developments in the Cyber Insurance Market. & commentary on the increased availability of cyber insurance products GUIDE
Airmic Review of Recent Developments in the Cyber Insurance Market & commentary on the increased availability of cyber insurance products GUIDE 1. Executive summary Airmic members have become increasingly
More informationA REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge. Sponsored by
A REPORT BY HARVARD BUSINESS REVIEW ANALYTIC SERVICES Meeting the Cyber Risk Challenge Sponsored by ABOUT ZURICH INSURANCE GROUP Zurich Insurance Group (Zurich) is a leading multi-line insurance provider
More informationLondon Business Interruption Association Technology new risks and opportunities for the Insurance industry
London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in
More informationFEELING VULNERABLE? YOU SHOULD BE.
VULNERABILITY ASSESSMENT FEELING VULNERABLE? YOU SHOULD BE. CONTENTS Feeling Vulnerable? You should be 3-4 Summary of Research 5 Did you remember to lock the door? 6 Filling the information vacuum 7 Quantifying
More informationEmbracing Cyber Risk: Insurance Solutions
Embracing Cyber Risk: Insurance Solutions ANZIIF Risk Rendezvous 15 Ian Pollard, Managing Director, Delta Insurance New Zealand Limited Agenda Risk Management Risk Transfer and Insurance Cyber attacks
More informationData breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd
Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures
More informationPCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES
PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES Cyber Attacks: How prepared are you? With barely a day passing without a reported breach of corporate information security, the threat to financial
More informationInternational Factors Group Model Law of Factoring
Afreximbank Conference - Lusaka Regulatory and Legal Aspects of Factoring & International Factors Group Model Law of Factoring Edward Wilde Solicitor with Squire Patton Boggs Financial Services Team London
More informationCyber-Crime Protection
Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living
More informationCyber Risks in the Boardroom
Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing
More informationAbout the Survey Respondents
SPECIAL REPORT Information Security & Cyber Liability Risk Management The Second Annual Survey of Enterprise-wide Cyber Risk Management Practices in Europe February 2013 SPECIAL REPORT Information Security
More information