How To Protect Your Data From Hackers

Size: px
Start display at page:

Download "How To Protect Your Data From Hackers"

Transcription

1 Cyber Risk: What you need to know and what you can t afford to ignore! James Johnston Directors' and Officers' Insurance Underwriter Daniel Fletcher Cyber Insurance Underwriter Financial & Specialty Markets QBE Europe

2 The Cyber Threat There are only two types of companies: those that have been hacked and those that will be. Even that is merging into one category: those that have been hacked and will be again (Former FBI Director Robert Mueller 2012) This is a global threat. Cyber threats are of extraordinary and long term seriousness. They are first on the Division of Intelligence s list of global threats, even surpassing terrorism, and resources devoted to cyber-based threats are expected to eclipse resources devoted to terrorism (Mary Jo White, Chair of SEC 2014) The Cyber threat is one of the most serious economic and national security challenges we face as a nation...america s economic prosperity in the 21 st century will depend on cybersecurity. (President Obama 2013) 2

3 3 rd party Legal costs and compensatory damages via: Securities Class Action Derivative Litigation Regulators Peers - Industry common systems Professional Services companies Financial Institutions Customer 1 st party Regulatory Investigation Fines/Penalties Reputation/PR Extortion Technology Assets / I.P. Business interruption Credit/ Identity Monitoring Notification Expense Breach Response 3

4 Insurance Protection Cyber Liability Directors & Officers Crime (Bond) Electronic Crime Errors & Omissions Commercial General Liability Property 4

5 Legal costs and compensatory damages via: Securities Class Action Derivative Litigation Regulators Peers - Industry common systems Professional Services companies Financial Institutions Customer Cyber Regulatory Investigation Fines/Penalties Reputation/PR Extortion Technology Assets / I.P. Business interruption Credit/ Identity Monitoring Notification Expense Breach Response 5

6 Can you handle claims alone? In many cases, and especially with the upcoming EU directives, you are legally required to undertake notify citizens promptly Are you able to Have I.T. work out what went wrong and what was lost? Work out the legal requirements to notify each individual? Actually notify everyone affected? Set up a call centre to deal with the fall-out? 6

7 Can you handle claims alone? More to the point, can you do it in less than a week? Good insurers have vendors set up to undertake all this for you. 7

8 Cyber incident response 8

9 Insurance Protection Cyber Liability Directors & Officers Crime (Bond) Electronic Crime Errors & Omissions Commercial General Liability Property 9

10 D&O Legal costs and compensatory damages via: Securities Class Action Derivative Litigation Regulators Peers - Industry common systems Professional Services companies Financial Institutions Customer Regulatory Investigation Fines/Penalties Reputation/PR Extortion Technology Assets / I.P. Business interruption Credit/ Identity Monitoring Notification Expense Breach Response 10

11 D&O Coverage Designed to protect the individual Directors and Officers Defence Costs and compensatory damages Brought by customers, suppliers, competitors, regulators, shareholders Derivative Actions picked up Side A Suit brought in name of the company Side C Entity Cover pick up element of coverage against company Regulatory Investigations 11

12 Cyber Attacks Cost British Industry 34bn a year 18bn from lost revenues 16bn for increased spending on IT as companies improve their defences Utilities, energy and mining increased IT spending by 6% in past year and faced a 2.8% loss in revenue as a result of an attack Financial services increased IT spending by 7% in past year and faced a 1.5% loss in revenue as a result of an attack Manufacturing increased IT spending by 5% in past year and faced a 2.5% loss in revenue as a result of an attack Research by CEBT and Veracode 12

13 US Situation Legal & Regulatory environment Compulsory breach notification laws Federal Trade Commission (FTC) ongoing enforcement actions Securities & Exchange Commission Guidance issued to public companies disclosure obligations ensuring the adequacy of a company s cyber security measures needs to be part of a board of director s risk oversight responsibilities...boards that choose to ignore, or minimise the importance of cybersecurity oversight responsibility, do so at their own peril (Luis Aguilar, SEC Commissioner June 2014) Shareholder Derivative actions Active and aggressive Plaintiffs Bar Securities Class actions 13

14 US Situation High Profile Cases Target Group (Cyber USD100m, D&O USD65m) More than 80 separate lawsuits filed Two Derivative action vs Directors and Officers Failure to take reasonable steps to ensure security of customers information Failure to implement adequate information security policies Breach of fiduciary duty Wyndham Worldwide Corporation (Cyber?, D&O?) Derivative action vs Ds and Os Failure to take reasonable steps to safeguard customer data Home Depot (Cyber USD105m, D&O USD270m) Multiple lawsuits No derivative actions yet 14

15 Europe Situation Known EU Cases No real notification requirement so no necessity to tell Somerfield Theft of payroll data (100,000 staff) Originated inside company by a member of staff Greggs Logo replaced on website Swift resolution Zurich Insurance 46,000 clients personal records stolen ICO rebuke and FSA fine GBP 2,275,000 Sony Computer Entertainment Europe More than 60 lawsuits filed, cost USD 171,000, ICO penalty GBP 250,000

16 The Current Europe Situation Legal & Regulatory environment Disjointed, no uniformity Compulsory breach notification (currently just telecoms and internet service providers) UK ICO max fine GBP500,000 FSA fines 16

17 The Future Europe Situation Legal & Regulatory environment EU General Data Protection Regulation 2017/18??? Still being defined, so changing all the time Single set of rules Applies to organizations based outside the European Union too! Appointment of independent Data Protection Officer Business with more than 250 permanent staff Process personal data relating to "more than 5000 data subjects in any consecutive 12-month period Increase fines to greater of 2% or 1m of global turnover Compulsory breach notification 17

18 10 Important Questions Directors should ask 1) Is the responsibility and accountability for the creation, implementation, enforcement and updating of an integrated and company-wide cyber risk management clearly defined at the executive level? 2) Does the management team which addresses cyber risks include Board representation, senior executives from IT, legal, risk management, compliance/audit? 3) Is the overall cyber risk management programme periodically reviewed by the Board? 4) Does a Board member have designated oversight responsibility for the cyber risk management programme? 18

19 10 important questions continued 5) What are the firm s biggest cyber risks and how are those risks being anticipated, managed and mitigated? 6) Is each component of the cyber risk management programme documented, tested and periodically audited by independent experts, and what are the results of that testing and audit? 7) Are procedures for reacting to a cyber risk hack/event when it happens well defined and understood? 8) Are all employees required to participate in regular education and training programmes relating to cyber security and cyber risks? 19

20 10 important questions continued? 9) What is your company s budget and staffing for cyber risk management? Do you know how this compares to your organisations peer group? 10) What, if any, insurance coverage does the company maintain for cyber risks and is that coverage adequate in scope and limit? 20

21 Survey results Does your company manage and review cyber risk at board level? 20% Is mitigation for Cyber risk designated to the Risk Management function? 14% Has your company assessed the estimated financial impact of a cyber attack? 32% Does your company have a Data Breach Response Plan? 73% Is it regularly updated? 37% Does your company buy cyber insurance? 14% Is your company going to obtain a cyber insurance quote in the next 12 months? Over 50% 21

22 Things to bear in mind. Cyber claims come from unexpected places Humans make mistakes Nothing is or stays secure Heartbleed / Bash / Poodle Uncontrollable factors / systemic events It s either your error so you are liable Or it s your data so you are liable Even if you have not been negligent Our policy triggers regardless of negligence The Information Commissioner s Office Controller / Processor 22

23 Myths and facts Computers are covered by the property policy What about the intangible? We buy business interruption insurance Has physical damage occurred? Isn t this covered by our general liability policy? Absolutely not. Our BCP and DRP are well tested with named 3rd party responders Are your responders costs covered? Do they include cyber responders? We ve invested heavily in our network security What about physical security and rogue employees? No on-line activities so we don t need a policy Back-end inter-connected systems and your supply chain? 23

24 The connected supply chain You 24

25 Other reasons to purchase a robust cyber policy. Third-party claims: Blanket Defamation (not just from hacks) Blanket Infringement of IP (not just from hacks) First-party claims: Financial transfer Withdrawal of content Financial transfer Less common: It s affordable Is it worth taking the risk? Legislation is about to change Pricing will follow suit Get on-board now & build up that claims free record Meet an underwriter Business Interruption (not just from hacks) Unexplained breakdown/malfunction Your suppliers hacks Asset Restoration Costs (not just IT equipment) Reputational damage PCI fines 25

26 Practical tips. Ensure that mitigation of cyber risk is designated to the RM function Consideration for appointment of a CISO / DPO Establish how the GDPR applies to your business Measure your compliance Make policies and begin to change Ensure cyber security is part of any due diligence undertaken for any target acquisitions Undertake an insurance gap analysis Seriously consider insuring Cyber, D&O, Crime (and PI) with the same carrier 26

27 Conclusion If your company has not suffered a data breach it may well suffer one shortly it us a matter of when not if you are hacked As FBI Director Robert Mueller said: There are only two types of companies: those that have been hacked and those that will be. The lines between physical security and cyber security are becoming increasingly blurred Try to ensure the main board take cyber risk seriously. Ask questions and test systems Cyber claims come from unexpected places 27

28 QBE global footprint 2,900 6,600 1,100 1,200 4,400 Australia Asia Pacific Europe North America Latin America 28

29 QBE claims record Claims Supply Team Winner Best Business Press Advertisement Business Campaign of the Year Post Underwriting Service Awards Joanne Taylor Rising Star Kelly Potter Outstanding Individual Achievement Award - Rosie Hewitt 360 Business Insurers Insight Report Best Claims Handling Team of the Year Reinsurance Company Team of the Year, Casualty 29

30 Questions 30

31 Thank you

Mitigating and managing cyber risk: ten issues to consider

Mitigating and managing cyber risk: ten issues to consider Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed

More information

CYBER RISK SECURITY, NETWORK & PRIVACY

CYBER RISK SECURITY, NETWORK & PRIVACY CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature Demystifying Cyber Insurance Jamie Monck-Mason & Andrew Hill Introduction What is cyber? Nomenclature 1 What specific risks does cyber insurance cover? First party risks - losses arising from a data breach

More information

Rogers Insurance Client Presentation

Rogers Insurance Client Presentation Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com

More information

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for?

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations

More information

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Cybersecurity Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Setting expectations Are you susceptible to a data breach? October 7, 2014 Setting expectations Victim Perpetrator

More information

Who s next after TalkTalk?

Who s next after TalkTalk? Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

How To Cover A Data Breach In The European Market

How To Cover A Data Breach In The European Market SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to

More information

Cybersecurity y Managing g the Risks

Cybersecurity y Managing g the Risks Cybersecurity y Managing g the Risks Presented by: Steven L. Caponi Jennifer Daniels Gregory F. Linsin 99 Cybersecurity The Risks Are Real Perpetrators are as varied as their goals Organized Crime: seeking

More information

Specialist insurance and risk implications for prepaid an update. Prepaid International Forum Osborne Clarke London Thursday 9 th February 2012

Specialist insurance and risk implications for prepaid an update. Prepaid International Forum Osborne Clarke London Thursday 9 th February 2012 Specialist insurance and risk implications for prepaid an update Prepaid International Forum Osborne Clarke London Thursday 9 th February 2012 Introduction To update our presentation of 24 th February

More information

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows

Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows Hacks, apps and espionage - how protected are you against cyber crime? Top 10 Legal Need-to-Knows 24 February 2015 Callum Sinclair Faith Jayne Agenda Top 10 legal need-to-knows, including: What is cyber

More information

Cyber and data Policy wording

Cyber and data Policy wording Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and

More information

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in

More information

www.bonddickinson.com Cyber Risks October 2014 2

www.bonddickinson.com Cyber Risks October 2014 2 www.bonddickinson.com Cyber Risks October 2014 2 Why this emerging sector matters Justin Tivey Legal Director T: +44(0)845 415 8128 E: justin.tivey The government estimates that the current cost of cyber-crime

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

Cyber-insurance: Understanding Your Risks

Cyber-insurance: Understanding Your Risks Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some

More information

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you

More information

CYBER 3.0. CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers:

CYBER 3.0. CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers: CYBER 3.0 CUTTING-EDGE ADVANCEMENTS IN INSURANCE COVERAGE FOR CYBER RISK AND REALITY SFOR005 Speakers: Roberta D. Anderson, Partner, K&L Gates LLP Timothy Flaherty, Manager, Insurance Risk Management,

More information

Airmic Review of Recent Developments in the Cyber Insurance Market. & commentary on the increased availability of cyber insurance products GUIDE

Airmic Review of Recent Developments in the Cyber Insurance Market. & commentary on the increased availability of cyber insurance products GUIDE Airmic Review of Recent Developments in the Cyber Insurance Market & commentary on the increased availability of cyber insurance products GUIDE 1. Executive summary Airmic members have become increasingly

More information

Beyond Data Breach: Cyber Trends and Exposures

Beyond Data Breach: Cyber Trends and Exposures Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill THE ANATOMY OF A CYBER POLICY Jamie Monck-Mason & Andrew Hill What s in a name? Lack of uniformity in policies: Cyber Cyber liability Data protection Tech PI The scope of cyber insurance First party coverage

More information

Cyber/ Network Security. FINEX Global

Cyber/ Network Security. FINEX Global Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over

More information

Is Your Financial Institutions' Insurance Policy vulnerable to a cyber claim? Joan D Ambrosio, James Cooper and Kim West 22 January 2014

Is Your Financial Institutions' Insurance Policy vulnerable to a cyber claim? Joan D Ambrosio, James Cooper and Kim West 22 January 2014 Is Your Financial Institutions' Insurance Policy vulnerable to a cyber claim? Joan D Ambrosio, James Cooper and Kim West 22 January 2014 Cyber Exposures Joan D Ambrosio Reported data breaches continue

More information

Current trends in D&O liability and insurance in the United States. Kevin M. LaCroix, Executive Vice President, RT Pro Exec and Author, The D&O Diary

Current trends in D&O liability and insurance in the United States. Kevin M. LaCroix, Executive Vice President, RT Pro Exec and Author, The D&O Diary Current trends in D&O liability and insurance in the United States Kevin M. LaCroix, Executive Vice President, RT Pro Exec and Author, The D&O Diary Outline Key differences between US and Australian litigation

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Cyber Exposure for Credit Unions

Cyber Exposure for Credit Unions Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of

More information

Allianz Global Corporate & Specialty. Cyber Risks. Recent Trends. AIRMIC 15 th June 2015

Allianz Global Corporate & Specialty. Cyber Risks. Recent Trends. AIRMIC 15 th June 2015 Allianz Global Corporate & Specialty Cyber Risks Recent Trends AIRMIC 15 th June 2015 Copyright Allianz Global Corporate & Specialty 2014 1 Copyright Allianz Global Corporate & Specialty 2014 2 Allianz

More information

CGI Cyber Risk Advisory and Management Services for Insurers

CGI Cyber Risk Advisory and Management Services for Insurers CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their

More information

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach Best practices and insight to protect your firm today against tomorrow s cybersecurity breach July 8, 2015 Baker Tilly Virchow Krause, LLP Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently

More information

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat?

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

London Business Interruption Association Technology new risks and opportunities for the Insurance industry

London Business Interruption Association Technology new risks and opportunities for the Insurance industry London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in

More information

ISO? ISO? ISO? LTD ISO?

ISO? ISO? ISO? LTD ISO? Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet

More information

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former

More information

The Risk Being Accountable How Professionals can be Exposed How to Minimise the Risk

The Risk Being Accountable How Professionals can be Exposed How to Minimise the Risk The Risk Being Accountable One thing is certain reputation damage caused by litigation can be devastating. Professional consulting businesses, and individuals providing specialist expertise, are under

More information

Embracing Cyber Risk: Insurance Solutions

Embracing Cyber Risk: Insurance Solutions Embracing Cyber Risk: Insurance Solutions ANZIIF Risk Rendezvous 15 Ian Pollard, Managing Director, Delta Insurance New Zealand Limited Agenda Risk Management Risk Transfer and Insurance Cyber attacks

More information

Insurance implications for Cyber Threats

Insurance implications for Cyber Threats Lillehammer Energy Claims Conference Lillehammer March 7, 2014 Insurance implications for Cyber Threats How enterprises need to prepare for the inevitable JLT is one of the world s largest providers of

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised ACE USA Podcast Released June 24, 2010 How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior Vice President, ACE North America Marketing

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison

CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison Gary Solway* Bennett Jones LLP The August release of the purported names and other details of over 35 million customers

More information

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

CYBER & PRIVACY LIABILITY INSURANCE GUIDE CYBER & PRIVACY LIABILITY INSURANCE GUIDE 01110000 01110010 011010010111011001100001 01100 01110000 01110010 011010010111011001100001 0110 Author Gamelah Palagonia, Founder CIPM, CIPT, CIPP/US, CIPP/G,

More information

HCC International Information and Communication Technology

HCC International Information and Communication Technology HCC International Information and Communication Technology The Growth and Evolution of the ICT Market The Information and Communication Technology (ICT) sector remains one of the fastest growing, most

More information

The Legal Pitfalls of Failing to Develop Secure Cloud Services

The Legal Pitfalls of Failing to Develop Secure Cloud Services SESSION ID: CSV-R03 The Legal Pitfalls of Failing to Develop Secure Cloud Services Cristin Goodwin Senior Attorney, Trustworthy Computing & Regulatory Affairs Microsoft Corporation Edward McNicholas Global

More information

Law Firm Cyber Security & Compliance Risks

Law Firm Cyber Security & Compliance Risks ALA WEBINAR Law Firm Cyber Security & Compliance Risks James Harrison CEO, INVISUS Breach Risks & Trends 27.5% increase in breaches in 2014 (ITRC) Over 500 million personal records lost or stolen in 2014

More information

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem.

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem. Cybersecurity: Minimizing Risk & Responding to Breaches March 5, 2015 Andy Chambers Michael Kelly Jimmie Pursell Scope of Problem Data Breaches A Daily Phenomenon Anthem JP Morgan / Chase Sony Home Depot

More information

Think STRENGTH. Think Chubb. Cyber Insurance. Andrew Taylor. Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber

Think STRENGTH. Think Chubb. Cyber Insurance. Andrew Taylor. Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber Think STRENGTH. Think Chubb. Cyber Insurance Andrew Taylor Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber The World Has Changed Then Now 1992 first text message More txt s that the entire

More information

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties

Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Cyber-Security Risk- IP Theft and Data Breaches Protecting your Crown Jewels Internally and with Your Key Third Parties Pamela Passman President and CEO Center for Responsible Enterprise And Trade (CREATe.org)

More information

The promise and pitfalls of cyber insurance January 2016

The promise and pitfalls of cyber insurance January 2016 www.pwc.com/us/insurance The promise and pitfalls of cyber insurance January 2016 2 top issues The promise and pitfalls of cyber insurance Cyber insurance is a potentially huge but still largely untapped

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

Protecting your business from cyber crime and data loss. November 2014

Protecting your business from cyber crime and data loss. November 2014 Protecting your business from cyber crime and data loss November 2014 1 QBE - Protecting your business from cyber crime and data loss Foreword Today s business environment moves at a rapid pace with a

More information

Cyber Threats and the Insurance Response

Cyber Threats and the Insurance Response Cyber Threats and the Insurance Response Scott Reeves & Laurence Yan Munich Reinsurance Company This presentation has been prepared for the Actuaries Institute 2014 General Insurance Seminar. The Institute

More information

Understanding the Business Risk

Understanding the Business Risk AAPA Cybersecurity Seminar Andaz Savannah Hotel March 11, 2015 10:30 am Noon Understanding the Business Risk Presenter: Joshua Gold, Esq. (212) 278-1886 jgold@andersonkill.com Disclaimer The views expressed

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates.

Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates. Cyber Insurance What is it? Should your bank purchase it? Roberta D. Anderson Partner, K&L Gates LLP roberta.anderson@klgates.com March 8, 2016 AGENDA Spectrum of Cyber Risk Cutting Edge Cyber Insurance

More information

Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks

Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Hacks, breaches, stolen data, trade secrets hijacked, privacy violated, ransom demands made; how can you protect your data

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

Cyber and Data Security. Proposal form

Cyber and Data Security. Proposal form Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which

More information

How To Buy Cyber Insurance

How To Buy Cyber Insurance 10-26-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Linda Vincent, R.N., P.I., CITRMS Vincent & Associates Founder The Identity Advocate San Pedro, California The opinions expressed

More information

National Corporate Practice. Cyber risks explained what they are, what they could cost and how to protect against them

National Corporate Practice. Cyber risks explained what they are, what they could cost and how to protect against them National Corporate Practice Cyber risks explained what they are, what they could cost and how to protect against them what this briefing covers ff Introduction ff Section 1: What are the risks and the

More information

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS RRD Donnelley SEC Hot Topics Institute May 21, 2014 1 MANAGING CYBERSECURITY RISK AND DISCLOSURE OBLIGATIONS Patrick J. Schultheis Partner Wilson

More information

PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES

PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES PCL2\13991300\1 CYBER RISKS: RISK MANAGEMENT STRATEGIES Cyber Attacks: How prepared are you? With barely a day passing without a reported breach of corporate information security, the threat to financial

More information

Discussion on Network Security & Privacy Liability Exposures and Insurance

Discussion on Network Security & Privacy Liability Exposures and Insurance Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter

More information

YOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance

YOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance YOUR TRUSTED PARTNER IN A DIGITAL AGE A guide to Hiscox Cyber and Data Insurance 2 THE CYBER AND DATA RISK TO YOUR BUSINESS This digital guide will help you find out more about the potential cyber and

More information

Insuring Innovation. CyberFirst Coverage for Technology Companies

Insuring Innovation. CyberFirst Coverage for Technology Companies Insuring Innovation. CyberFirst for Technology Companies TECHNOLOGY IS EVERYWHERE. SO ARE THE THREATS. protection that goes well beyond a traditional general liability policy. CyberFirst CyberFirst is

More information

cyber invasions cyber risk insurance AFP Exchange

cyber invasions cyber risk insurance AFP Exchange Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance

More information

Chartered Accountants Australia & New Zealand Professional Indemnity and Management Liability Proposal Form

Chartered Accountants Australia & New Zealand Professional Indemnity and Management Liability Proposal Form Chartered Accountants Australia & New Zealand Professional Indemnity and Management Liability Proposal Form SECTION 1: Professional Indemnity 1. Insured Details 1.1 Is at least one principal, director

More information

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen

Cyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or

More information

Zurich Public Sector Solution

Zurich Public Sector Solution Zurich Public Sector Solution Solutions for an Evolving Public Sector Managing risk for a Public Sector entity has taken on an unprecedented level of complexity. Consider for a moment the evolving risks

More information

Directors and Officers Liability Insurance Guidance and Advice for Risk Managers

Directors and Officers Liability Insurance Guidance and Advice for Risk Managers Directors and Officers Liability Insurance Guidance and Advice for Risk Managers The insurance market has responded to recent corporate failures by requiring more information from organisations seeking

More information

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited

Tools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited Tools Conference Toronto November 26, 2014 Insurance for NFP s Presented by Paul Spark HUB International HKMB Limited Topics Insurance Policies Basics Directors and Officers Liability Insurance Commercial

More information

Cyber Insurance: How to Investigate the Right Coverage for Your Company

Cyber Insurance: How to Investigate the Right Coverage for Your Company 6-11-2015 Cyber Insurance: How to Investigate the Right Coverage for Your Company Presented by: Faith M. Heikkila, Ph.D., CISM, CIPM, CIPP-US, ABCP Greenleaf Trust Chief Information Security Officer (CISO)

More information

ISO/IEC 27001 Information Security Management. Securing your information assets Product Guide

ISO/IEC 27001 Information Security Management. Securing your information assets Product Guide ISO/IEC 27001 Information Security Management Securing your information assets Product Guide What is ISO/IEC 27001? ISO/IEC 27001 is the international standard for information security management and details

More information

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone: Company or Trading Name: Address: Post Code: Telephone: E-mail: Website: Date Business Established Number of Employees Do you have a Chief Privacy Officer (or Chief Information Officer) who is assigned

More information

Cyber Liability. AlaHA Annual Meeting 2013

Cyber Liability. AlaHA Annual Meeting 2013 Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages

More information

www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14

www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit March 6, 2014 (4:30-5:30) Draft v8 2-25-14 www.pwc.com The data breach lifecycle: From prevention to response IAPP global privacy summit (4:30-5:30) Draft v8 2-25-14 Common Myths 1. You have not been hacked. 2. Cyber security is about keeping the

More information

Credit Union Liability with Third-Party Processors

Credit Union Liability with Third-Party Processors World Council of Credit Unions Annual Conference Credit Union Liability with Third-Party Processors Andrew (Andy) Poprawa CEO, Deposit Insurance Corporation of Ontario Canada 1 Credit Union Liability with

More information

Cyber Insurance as one element of the Cyber risk management strategy

Cyber Insurance as one element of the Cyber risk management strategy Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,

More information

Specialty Risk Protector

Specialty Risk Protector Specialty Professional Liability and Data and Network Security Insurance is a single policy that makes it easy for companies to secure the multi-faceted E&O protection our networked world requires. A simplified,

More information

Small businesses: What you need to know about cyber security

Small businesses: What you need to know about cyber security Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Cyber Risks in the Boardroom

Cyber Risks in the Boardroom Cyber Risks in the Boardroom Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks in a Changing

More information

Cyber Risk State of the Art

Cyber Risk State of the Art Proudly presents Cyber Risk State of the Art Matthew Davies, Chubb Insurance Catherine Dowdall, Canada Post Mike Petersen, Marsh 1 Agenda 1. Who is At Risk? 2. New/Emerging Risk and Trends 3. Canada Post

More information

NCUA LETTER TO CREDIT UNIONS

NCUA LETTER TO CREDIT UNIONS NCUA LETTER TO CREDIT UNIONS NATIONAL CREDIT UNION ADMINISTRATION 1775 Duke Street, Alexandria, VA 22314 DATE: October 2001 LETTER NO.: 01-CU-12 TO: SUBJ: Federally Insured Credit Unions e-commerce Insurance

More information

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance

CAGNY Spring 2015 Meeting Fundamentals of Cyber Risk. Brad Gow June 9th, 2015 Endurance Fundamentals of Cyber Risk Brad Gow June 9th, 2015 Endurance But consider the kickoff chuckle to a speech given to the Wharton School in March 1977 by Sidney Homer of Salomon Brothers, the leading bond

More information

Cyber Risks in Italian market

Cyber Risks in Italian market Cyber Risks in Italian market Milano, 01.10.2014 Forum Ri&Assicurativo Gianmarco Capannini Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends

More information

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal Managing Cyber Threats Risk Management & Insurance Solutions Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal Overview Recent Trends and Loss Exposures Risk Management Strategies

More information

Surveyors Professional Liability Insurance Summary

Surveyors Professional Liability Insurance Summary Surveyors Professional Liability Surveyors Professional Liability Underwritten by a member of the QBE Insurance Group (QBE) This insurance is an annual contract unless stated otherwise in the quotation

More information

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today

More information

WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES

WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES This special report examines the cyber risk disclosures made by the retail sector of the Fortune 1000.

More information