Cyber Risks in Italian market

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Cyber Risks in Italian market"

Transcription

1 Cyber Risks in Italian market Milano, Forum Ri&Assicurativo Gianmarco Capannini

2 Agenda 1 Cyber Risk - USA 2 Cyber Risk Europe experience trends Market size and trends Market size and trends Kind of coverage Legal environment Loss experience 3 Sectors segmentation Ponemon Institute : 2014 Cost of data breach study in Italy Università la Sapienza - Cyber intelligence and information security center CyLab 2012 Report Segmentation 4 Risk Management Preventive measure / loss control Risk assessment 5 Overview of coverage provided Dimension of Cyber Risks Alternative products 6 Conclusion Alternative strategies available in Munich Re Group 2

3 1. Cyber risks USA experience US Market still have strong growth ( as cyber liability cover becomes the norm, the market will rise to something closer to USD 8 billion ) but the market is softening. US Cyber liability Market Facts /2015 Gross written premium (USD mio) Source: The Betterley report (Cyber insurance market survey 2013) Forecast The market for Cyber insurance products has developed largely in response to breach notification laws which require public and private organizations to report breach information to regulators or consumer reporting agencies The primary catalyst for this reporting was the State of California, which in 2003 passed the country s first data breach (unauthorized acquisition of computerized data that compromises the security, confidentiality, or integrity of personal information maintained by the person or business) notification law As of early 2014, data breach notification laws are present in 46 out of 50 States Remarks Carriers that have been significant players in the Cyber Risk market for at least several years indicate premium growth ranged from 25% to over 100%. Most were in the 10-25% range, and only two were under 10% Growth has been dampened by some rate competition as new carriers try to gain market share Pricing model remains challenging given a lack of actuarial data There is a great deal of concern over accumulation risk, which has caused reinsurers to limit their exposure 3

4 1. Cyber risks USA experience US Cyber insurance allows an organization to transfer a variety of risks associated with Cyber related activities. There are two primary areas of cover: Cyber liability and Cyber Risks. 1 Cyber liability Insurance (provides coverage for liabilities that an organization causes to its customers or to others). A sizeable market exists for these products, particularly in countries that have mandatory data breach notification laws. Cyber liability insurance cover can include Data breach and crisis management Media liability Extortion liability Network security liability 2 Cyber risk insurance (is used to cover direct losses to the organization, often known as first party risk). It s less common than Cyber liability insurance. Cyber risk insurance may include some liability coverage Liability Effects of malicious code Business interruption Cyber attacks Technology errors and omissions Intellectual property infringement 4

5 1. Cyber risks USA experience NetDiligence Cyber liability & Data breach insurance claims study uses actual cyber liability insurance reported claims to illuminate the real costs from an insurer s perspective. Percentage of Claims by Business Sector (N=140) Measuring Costs $84m Total payout for all 88 claims $20m Largest claim payout $0,95m Average payout Source: NetDiligence Cyber Liability & Data Breach insurance Claims) Measuring costs by type of costs 13% Legal settlement 35% Legal defense 50% Crisis services: - Forensics - Notification - Credit monitoring - Legal guidance 5

6 2. Cyber risks Europe trends Europe growth will be positively impacted since 2015/2016 by the new legislation. Europe prospective Forecast Source: AGCS Europe large accounts Gross written premium ( mio) Facts July 2014: With growing demand for cyber insurance, new policies are becoming available: Bosch Group has insured corresponding damages of up to EUR 100m July 2014: BCE has been hacked, with attackers stealing addresses and contact data. The break-in was only discovered when the thief emeiled the bank to ask for financial compensation for the data. Jan. 2014: German federal security officials have admitted that internet hackers had stolen 16 million passwords. Cyber criminals stole details which could compromise social media, shopping and other online services Remarks EU Commission s new rules on data will not come into force until 2015/2016; Compulsory breach notification was a key factor in the growth of the cyber risk insurance market in the US and the same might be expected in the EU following this new regime. Although cyber incidents are not covered by general liability policies, only 28% of the boards (Forbes Global 2000 companies) are reviewing insurance coverage for cyber related risks. Source: CyLab How boards & Senior Executives are managing cyber risks 6

7 2. Cyber risks Europe trends Changes in legal environment will push insurance demand. On the other hand some uncertainties on the coverage needs will remain unresolved until the final legislation is not in force. 1. The Regulation requires that data controllers and processors implement appropriate measures to ensure a level of security appropriate to the risk represented by the processing and the nature of the personal data protected, in light of the state of the art and the costs of implementation. 2. The draft requires that data controllers notify the supervising authority without undue delay, and where feasible, not later than 24 hours after becoming aware of a personal data breach. 3. The Regulation further provides that the data controller must inform the subject of the data breach of the incident without undue delay, when the breach is likely to adversely affect the protection of the subject s data or privacy. It provides for fines up to 1m, or 2% of annual worldwide turnover, for non-compliance. 4. The Regulation also provides that data subjects have the right to have personal data erased when no longer necessary in relation to the purposes for which it was collected, or where the data processing does not comply with the Regulation. Fines for violation of this provision range up to 500,000, or in the case of an Enterprise 1% of annual worldwide turnover. 5. Regulation provides for private rights of action for damage suffered as a result of unlawful processing of data or an action inconsistent with the Regulation. 7

8 3. Sectors segmentation Benchmark studies are becoming available in our market and will provide indication in respect of probability and severity of data breach occurrence. Ponemon Institute : 2014 Cost of data breach study in Italy Cost of Data Breach Probability of Data Breach (involving at least 10K records) Activities for discovery and the immediate response to the data breach, including but not limited to: 1. Investigations and forensics to determinate the root cause of the data breach, 2. Determining the probable victims 3. Preparing notice documents and other required disclosures to data breach victims and regulators Estimated probabilities have been captured from sample respondents using a point estimation technique. Chief information security officer provided their estimate of data breach likelihood for 10 levels of data breach incidents (ranging from to lost or stolen records) Activities conducted in the aftermath of discovering the data breach including but not limited to: 1. Legal services for defence 2. Identity protection services Costs resulting from lost business opportunities as a consequence of negative reputation effects after the breach 8

9 3. Sectors segmentation Benchmark studies are becoming available in our market and will provide indication in respect of probability and severity of data breach occurrence. Ponemon Institute : 2014 Cost of data breach study in Italy Remarks Probability of data breach (involving at least 10K records): Probability of data breach Higher Avarage Public sector Retail Services Hospitality Industrial Technology Financial Consumer Pharmaceutical Communication Retail companies and Public sectors organization have the highest estimated probability of occurrence. One possible explanation is the amount of confidential and sensitive information collected by these sectors combined with the lower level of security Energy and Transportation companies have the lowest probability of occurrence Cost of data breach: including both the direct and indirect expenses incurred by the organization. Transportation Lower Energy The average cost of data breach rose from 78 in 2012 to 102 in 2014 Lower Average Higher Cost of data breach Bubble size reflects the vulnerability to outliers : pharmaceutical and financial service organizations experience relatively high abnormal churn and public sector and retail organizations realize relatively low churn. Consumer product companies and financial institutions tend to have a per capita cost above the mean Services, public sector and retail companies have a per capita cost significantly below the mean 9

10 3. Sectors segmentation IT security level is an important indicator for a proper segmentation. Financial sector has the lowest ratio of successful attack but more or less 100% of companies have been attacked. Università la Sapienza - Cyber intelligence and information security center. Research methodology Organizations targeted The aim of this research was to provide a snapshot of the degree of risk perception and cyber security measures currently implemented in Italy The Research Center of Cyber intelligence and information security submitted an anonymous questionnaire to 68 organizations. A total of 28 fully filled-in questionnaire were collected The organizations targeted by the study where clustered in four group: 1. Public administration this group includes local administrations, central administrations and government agencies (13 entities) 2. (public) Utilities include electricity, gas, telephone and water (4 entities) 3. Financial include banks, trust companies, insurance companies and investment dealers (6 entities) 4. Industrial include mainly large IT industries and large Italian manufacturing industries (5 entities) 56,7% of these organizations have up to employees 10

11 3. Sectors segmentation IT security level is an important indicator for a proper segmentation. Financial sector has the lowest ratio of successful attack but more or less 100% of companies have been attacked. Università la Sapienza - Cyber intelligence and information security center. 15% 33% 20% 77% 100% Attacked companies 75% Advanced protection 62% 75% 40% Succesfully attacked 85% 67% 80% Basic protection 25% 17% 20% 25% PA Utilities Financial Industrial Source: Università Sapienza Cyber intelligence and information security center. PA Utilities Financial Industrial Source: Università Sapienza Cyber intelligence and information security center. Remarks All financial organizations have been attacked and attacks have been successful in 17% of cases The public administration group is the one exhibiting the highest number of successful attacks 62% This should be considered as an indicator of poor security policies. Conversely, the industrial group is the least attacked. Infrastructure to detect active attacks by means of Basic protection or Advanced protection 71% of the organizations declare they own an IT infrastructure which is able to detect simple attacks. The remaining 29% of the organizations declare they own an IT infrastructure that is capable of detecting Advanced Persistent Threats (APTs1). 11

12 3. Sectors segmentation Assessment of the risks is necessary in order to turn research and study indications into more reliable arguments. Segmentation based upon Companies security level and commitment Remarks Security practices and policies. Security practices and policies Higher Avarage Lower Other Industries and Public administration Financial and IT / Communication Utilities and Energy sector Lower Average Higher Hardware protection level The CyLab 2012 Report confirmed the belief among security experts that: Financial sector has better privacy and security practices than other industries Respondents indicated that the financial sector paid more attention to IT and security issues. Hardware protection level. This parameter reflects the results of anonymous questionnaire submitted to 68 Italian organization sensitive to Cyber attacks. The result may provide an indication in respect of physical preventive measure applied Source: Hardware protection level - Università la Sapienza Cyber intelligence and information security center. Source: Security practices and policies - CyLab 2012 report How boards & Senior Executives are managing Cyber Risks. 12

13 3. Sectors segmentation IT / Communications / Financial sectors may look more than the others for an immediate risk transfer. Risk appetite should be fully driven by security level. Segmentation based upon probability of data breach and potential consequence severity High Deductibles - + Retail Public sector Limits High + Severity Too high frequency The segmentation proposed are not meant to have statistical significant, especially in terms of group representativeness. Probability of data breach Low Medium Hospitality Industrial Technology Pharmaceutical Communications Transportation Energy Services Financial Less risk transfer appetite? Rather the aim is to provide a snapshot of the hypothetical classification in terms of probability and exposures. It should be considered as a starting point for further deepen assessments. Finance, Technology and Communication sectors tends to have: the most reliable level of security policies the probability of data breach above the average value Industrial, Pharmaceutical and Healthcare might be an interesting option - Security and commitment level Lower the average 13

14 4. Risk management Insurance as a service. We have to built up a reliable number of partnerships in order assess and mitigate the Risks. Risk management: assess the state of an organizations cyber defenses in real time. Once a full sweep security check has been conducted, the organization can go ahead plugging any security holes. This also enables potential insurers to take a clear risk decision based on a real-time picture of the precise state of an organization's cyber security profile. Preventive measures / loss control Find a suitable partner for claims mitigation/handling: it needs to be a specialized IT company which is able to assess as from the first indication sources of breach, technological ways to keep the IT system running (avoidance of business interruption) and early communication / advise to damaged entities outside Legal Secure data storage/backup (provided as a service) Call centre services Public relation and crisis management Risk assessment Security best practices: Encryption - Physical protection - Security organization - Security training Business contingency planning: Incident management processes - Back up Responsibilities Collection strategy of personal data: Type of data Collection history Deletion of unused data Data mobility : Use of laptops Use of internet Use of external service providers Structure: Number of offices Employee mobility National/International Type of Business: Nature of business Traditional or online Reputation of Company 14

15 4. Risk management A different point of view, which kind of approach do we expect from potential Insured? Recommendations What should my organization do? 1 Proactively improve cyber security Improved cyber defenses help to protect against attacks and can make organizations eligible for reduced insurance premium Prepare for potential insurers to conduct a robust information security assessment of your organization in advance of writing a cyber insurance policy 2 Understand policy inclusions and exclusions Understand what cyber liability cover your organization may have already from existing policies Cyber insurance is new and policy language is not yet standardized. Inclusions, and particularly exclusions, can significantly affect the policy coverage Prepare for insurers to add cyber liability exclusions to existing policies such as Errors and Omissions, and for separate cyber insurance to be required as a result 3 Ensure sufficient coverage Existing insurance policies should be mapped to cyber risks. Only then can an organization procure coverage sufficient to meet their risks Investigate the data breach regulations of countries where your organization conducts or whishes to conduct business 15

16 5. Overview of coverage provided Different types of consequence from a Cyber attack, different type of coverage from primarily first-party to primarily third party. Dimensions of Cyber Risks Consequence of a Cyber incident Incident Additional costs / remediation Impact on business Legal implications 16

17 5. Overview of coverage provided Munich Re Group Cyber coverage could be a part of a Comprehensive Electronic Insurance up to a dedicated Cyber product. Comprehensive Electronic Insurance including software cover Extended computer policy Cyber Risk Insurance cover First party coverage Cyber liability Insurance cover Third party coverage Software Insurance Cover intends to cover losses also in case:. If an unforeseen loss or alteration of the data has occurred due to errors in operation (e.g. improper use of data media, entering a wrong command) or deliberate modification of programs or data by a third party with malicious intent (e.g. hackers) Also the new replacement value of the exchangeable data media is reimbursed Comprehensive Software Insurance Cover intends to cover for the costs incurred as a result of: Network security breach (Theft of data) and Computer virus. and may imply potentially: Loss/damage of digital assets, data, software, hardware Network downtime / lost income / Incident management costs Crisis management Reputational damage loss of intellectual property, data breach, lost customers etc Theft of money, funds and digital assets Third party liability intends to provides protection against liability arising from breaches and includes the loss of both personal consumer information and business confidential information. and may imply furthermore: Loss / breach of third party data investigation / defense and civil damages including data stored with third-party Transmission of malware Regulator action and fines Notification 17

18 6. Conclusion Munich Re Group is ready to provide know how, service and capacity according to the specifics needs of the Clients. We suggest dedicated meetings in order to select the best option. Benefit To do 1 Partnership with Client joint development of tailor made product Joint decisions in terms of coverage and risk appetite Joint decisions in terms of risk assessment methodologies and external services Dedicated meeting in order to evaluate which kind of product may reach better than other the expectation of the Clients Project plan and commitment 2 Cyber Risk Insurance Primarily first party coverage Ready in a short period of time Strong experience within Munich Re group Pure property coverage Insurance companies to analyze the needs of their potential Clients in order to evaluate if their expectations fit with this product 3 HSB Cyber product First party and third party coverage Dedicated Cyber risk product Consolidated experience Advanced relationship with providers of services Wider coverage Product already available in the London market for Small / Medium enterprises, needs to be adjusted for Italian environment / market 18

19 Thank you very much for your attention Milano, Forum Ri&Assicurativo Gianmarco Capannini

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in

More information

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the

More information

Mitigating and managing cyber risk: ten issues to consider

Mitigating and managing cyber risk: ten issues to consider Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed

More information

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements Greater New York Chapter Association of Corporate Counsel November 19, 2015 Stephen D. Becker, Executive Vice President

More information

Cyber Insurance Presentation

Cyber Insurance Presentation Cyber Insurance Presentation Presentation Outline Introduction General overview of Insurance About us Cyber loss statistics Cyber Insurance product coverage Loss examples Q & A About Us A- Rated reinsurance

More information

Cyber Liability & Data Breach Insurance Claims

Cyber Liability & Data Breach Insurance Claims Cyber Liability & Data Breach Insurance Claims A Study of Actual Payouts for Covered Data Breaches Mark Greisiger President NetDiligence June 2011 Last year, privacy breaches ran about 1-2 per week. This

More information

Cyber Insurance as one element of the Cyber risk management strategy

Cyber Insurance as one element of the Cyber risk management strategy Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,

More information

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Cyber Risks Management Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Corporate Assets Data Breach Costs Time from Earliest Evidence of Compromise to Discovery of Compromise The Data Protection

More information

CYBER RISK SECURITY, NETWORK & PRIVACY

CYBER RISK SECURITY, NETWORK & PRIVACY CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread

More information

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance

Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Be Afraid, Be Very Afraid!!! Hacking Out the Pros and Cons of Captive Cyber Liability Insurance Today s agenda Introductions Cyber exposure overview Cyber insurance market and coverages Captive cyber insurance

More information

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014 Nikos Georgopoulos Privacy Liability & Data Breach Management wwww.privacyrisksadvisors.com October 2014

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

Cyber/ Network Security. FINEX Global

Cyber/ Network Security. FINEX Global Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over

More information

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd Data breach, cyber and privacy risks Brian Wright Lloyd Wright Consultants Ltd Contents Data definitions and facts Understanding how a breach occurs How insurance can help to manage potential exposures

More information

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability

Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today

More information

Cyber Threats and the Insurance Response

Cyber Threats and the Insurance Response Cyber Threats and the Insurance Response Scott Reeves & Laurence Yan Munich Reinsurance Company This presentation has been prepared for the Actuaries Institute 2014 General Insurance Seminar. The Institute

More information

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you

More information

Cybersecurity Workshop

Cybersecurity Workshop Cybersecurity Workshop February 10, 2015 E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. E. Andrew Keeney, Esq. Kaufman & Canoles, P.C. 150 West Main Street, Suite 2100 Norfolk, VA 23510 (757) 624-3153

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report

More information

Cyber and Data Security. Proposal form

Cyber and Data Security. Proposal form Cyber and Data Security Proposal form This proposal form must be completed and signed by a principal, director or a partner of the proposed insured. Cover and Quotation requirements Please indicate which

More information

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013

More information

CYBER SECURITY SPECIALREPORT

CYBER SECURITY SPECIALREPORT CYBER SECURITY SPECIALREPORT 32 The RMA Journal February 2015 Copyright 2015 by RMA INSURANCE IS AN IMPORTANT TOOL IN CYBER RISK MITIGATION Shutterstock, Inc. The time to prepare for a potential cyber

More information

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS Read the Marsh Risk Management Research Briefing: Cyber Risks Extend Beyond Data and Privacy Exposures To access the report, visit www.marsh.com.

More information

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec Jeremy Ong Divisional Vice-President Great American Insurance Company November 13, 2010 1 Agenda Overview of data breach statistics

More information

The potential legal consequences of a personal data breach

The potential legal consequences of a personal data breach The potential legal consequences of a personal data breach Tue Goldschmieding, Partner 16 April 2015 The potential legal consequences of a personal data breach 15 April 2015 Contents 1. Definitions 2.

More information

BOARD OF GOVERNORS MEETING JUNE 25, 2014

BOARD OF GOVERNORS MEETING JUNE 25, 2014 CYBER RISK UPDATE BOARD OF GOVERNORS MEETING JUNE 25, 2014 EXECUTIVE SUMMARY Cyber risk has become a major threat to organizations around the world, as highlighted in several well-publicized data breaches

More information

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

2015 Cost of Data Breach Study: United States

2015 Cost of Data Breach Study: United States 2015 Cost of Data Breach Study: United States Benchmark research sponsored by IBM Independently conducted by Ponemon Institute LLC May 2015 Ponemon Institute Research Report 2015 1 Cost of Data Breach

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report

More information

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for?

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations

More information

Cyber Threats: Exposures and Breach Costs

Cyber Threats: Exposures and Breach Costs Issue No. 2 THREAT LANDSCAPE Technological developments do not only enhance capabilities for legitimate business they are also tools that may be utilized by those with malicious intent. Cyber-criminals

More information

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ APIP - Cyber Liability Insurance Coverages, Limits, and FAQ The state of Washington purchases property insurance from Alliant Insurance Services through the Alliant Property Insurance Program (APIP). APIP

More information

Managing Cyber Risk through Insurance

Managing Cyber Risk through Insurance Managing Cyber Risk through Insurance Eric Lowenstein Aon Risk Solutions This presentation has been prepared for the Actuaries Institute 2015 ASTIN and AFIR/ERM Colloquium. The Institute Council wishes

More information

Beyond Data Breach: Cyber Trends and Exposures

Beyond Data Breach: Cyber Trends and Exposures Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in

More information

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :

More information

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone: Company or Trading Name: Address: Post Code: Telephone: E-mail: Website: Date Business Established Number of Employees Do you have a Chief Privacy Officer (or Chief Information Officer) who is assigned

More information

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature Demystifying Cyber Insurance Jamie Monck-Mason & Andrew Hill Introduction What is cyber? Nomenclature 1 What specific risks does cyber insurance cover? First party risks - losses arising from a data breach

More information

Network Security & Privacy Landscape

Network Security & Privacy Landscape Network Security & Privacy Landscape Presented By: Greg Garijanian Senior Underwriter Professional Liability 1 Agenda Network Security Overview -Latest Threats - Exposure Trends - Regulations Case Studies

More information

NZI LIABILITY CYBER. Are you protected?

NZI LIABILITY CYBER. Are you protected? NZI LIABILITY CYBER Are you protected? Any business that operates online is vulnerable to cyber attacks and data breaches. From viruses and hackers to employee error and system damage, your business is

More information

ISO? ISO? ISO? LTD ISO?

ISO? ISO? ISO? LTD ISO? Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind Page1 Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind The use of electronic medical records (EMRs) to maintain patient information is encouraged today and

More information

Discussion on Network Security & Privacy Liability Exposures and Insurance

Discussion on Network Security & Privacy Liability Exposures and Insurance Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter

More information

DATA BREACH COVERAGE

DATA BREACH COVERAGE THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ THIS CAREFULLY. DATA BREACH COVERAGE SCHEDULE OF COVERAGE LIMITS Coverage Limits of Insurance Data Breach Coverage $50,000 Legal Expense Coverage $5,000

More information

Joe A. Ramirez Catherine Crane

Joe A. Ramirez Catherine Crane RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract

More information

Is Cyber Insurance the Next Big Think? 2nd Digital Payments Summit - May 2016. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Is Cyber Insurance the Next Big Think? 2nd Digital Payments Summit - May 2016. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor Is Cyber Insurance the Next Big Think? 2nd Digital Payments Summit - May 2016 Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor 1 Contents Cromar Insurance Brokers Historical Development of Cyber (Re)Insurance

More information

Think STRENGTH. Think Chubb. Cyber Insurance. Andrew Taylor. Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber

Think STRENGTH. Think Chubb. Cyber Insurance. Andrew Taylor. Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber Think STRENGTH. Think Chubb. Cyber Insurance Andrew Taylor Asia Pacific Zone Product Manager Chubb Pro PI, Media, Cyber The World Has Changed Then Now 1992 first text message More txt s that the entire

More information

Cyber-Crime Protection

Cyber-Crime Protection Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living

More information

CYBER LIABILITY & INFORMATION SECURITY

CYBER LIABILITY & INFORMATION SECURITY MAIN: 919.926.4623 TOLL-FREE: 855.490.2528 WEBSITE: www.sentinelra.com CYBER LIABILITY & INFORMATION SECURITY In today's world, terms such as data breach and cyber liability are not new. With each year,

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Cyber Liability Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group 877-337-3200 Ext. 7029 Today s Agenda What is Cyber Liability? What are the exposures? Reality of a

More information

9/13/2011. Miscellaneous Current Topics in Healthcare Professional Liability. Antitrust Notice. Table of Contents. Cyber Liability.

9/13/2011. Miscellaneous Current Topics in Healthcare Professional Liability. Antitrust Notice. Table of Contents. Cyber Liability. Miscellaneous Current Topics in Healthcare Professional Liability Josh Zirin, FCAS, MAAA Antitrust Notice The Casualty Actuarial Society is committed to adhering strictly to the letter and spirit of the

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler Internet Gaming: The New Face of Cyber Liability Presented by John M. Link, CPCU Cottingham & Butler 1 Presenter John M. Link, Vice President jlink@cottinghambutler.com 2 What s at Risk? $300 billion in

More information

Cyber Exposure for Credit Unions

Cyber Exposure for Credit Unions Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

The promise and pitfalls of cyber insurance January 2016

The promise and pitfalls of cyber insurance January 2016 www.pwc.com/us/insurance The promise and pitfalls of cyber insurance January 2016 2 top issues The promise and pitfalls of cyber insurance Cyber insurance is a potentially huge but still largely untapped

More information

cyber invasions cyber risk insurance AFP Exchange

cyber invasions cyber risk insurance AFP Exchange Cyber Risk With cyber invasions now a common place occurrence, insurance coverage isn t found in your liability policy. So many different types of computer invasions exist, but there is cyber risk insurance

More information

Practical Cyber Law: Why the Standard of Care Requires Lawyers to Have a Basic Understanding of Cyber Insurance

Practical Cyber Law: Why the Standard of Care Requires Lawyers to Have a Basic Understanding of Cyber Insurance Practical Cyber Law: Why the Standard of Care Requires Lawyers to Have a Basic Understanding of Cyber Insurance By Shawn Tuma & Katti Smith Data breaches have become far more common than most people realize.

More information

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks Thank you for joining us. We have a great many participants in today s call. Your phone is currently

More information

Cyber Liability. What School Districts Need to Know

Cyber Liability. What School Districts Need to Know Cyber Liability What School Districts Need to Know Data Breaches Growing In Number Between January 1, 2008 and April 4, 2012 314,216,842 reported records containing sensitive personal information have

More information

Aftermath of a Data Breach Study

Aftermath of a Data Breach Study Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This HIPAA Business Associate Agreement ("BA AGREEMENT") supplements and is made a part of any and all agreements entered into by and between The Regents of the University

More information

2014 Cost of Data Breach Study: Global Analysis

2014 Cost of Data Breach Study: Global Analysis 2014 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by IBM Independently conducted by Ponemon Institute LLC May 2014 Ponemon Institute Research Report Part 1. Introduction 2014

More information

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber Risks and Insurance Solutions Malaysia, November 2013 Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare

More information

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS

THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Cyber Risk Insurance for Agents. Frequently Asked Questions

Cyber Risk Insurance for Agents. Frequently Asked Questions Cyber Risk Insurance for Agents Frequently Asked Questions 1 Cyber Risk Insurance About Great American Insurance Great American Insurance Group s roots go back to 1872 with the founding of its flagship

More information

Insuring Innovation. CyberFirst Coverage for Technology Companies

Insuring Innovation. CyberFirst Coverage for Technology Companies Insuring Innovation. CyberFirst for Technology Companies TECHNOLOGY IS EVERYWHERE. SO ARE THE THREATS. protection that goes well beyond a traditional general liability policy. CyberFirst CyberFirst is

More information

Coverage is subject to a Deductible

Coverage is subject to a Deductible Frank Cowan Company Limited 75 Main Street North, Princeton, ON N0J 1V0 Phone: 519-458-4331 Fax: 519-458-4366 Toll Free: 1-800-265-4000 www.frankcowan.com CYBER RISK INSURANCE DETAILED APPLICATION Notes:

More information

Data Breach Notification Duty. Dr. Elisabeth Thole 31 October 2015 UIA Valencia

Data Breach Notification Duty. Dr. Elisabeth Thole 31 October 2015 UIA Valencia Data Breach Notification Duty Dr. Elisabeth Thole 31 October 2015 UIA Valencia Van Doorne 2 How is your cyber crime awareness? Either you have been data breached or you just do not know that you have been

More information

Insurance implications for Cyber Threats

Insurance implications for Cyber Threats Lillehammer Energy Claims Conference Lillehammer March 7, 2014 Insurance implications for Cyber Threats How enterprises need to prepare for the inevitable JLT is one of the world s largest providers of

More information

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual

More information

Cyber-insurance: Understanding Your Risks

Cyber-insurance: Understanding Your Risks Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some

More information

Our specialist insurance services for Professionals risks

Our specialist insurance services for Professionals risks Our specialist insurance services for Professionals risks Price Forbes & Partners is an independent Lloyd s broker based in the heart of London s insurance sector. We trade with all of the major international

More information

Privacy Rights Clearing House

Privacy Rights Clearing House 10/13/15 Cybersecurity in Education What you face as educational organizations How to Identify, Monitor and Protect Presented by Jamie Gershon Sr. Vice President Education Practice Group 1 Privacy Rights

More information

2015 Cost of Data Breach Study: Global Analysis

2015 Cost of Data Breach Study: Global Analysis 2015 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by IBM Independently conducted by Ponemon Institute LLC May 2015 Ponemon Institute Research Report Part 1. Introduction 2015

More information

Privacy Legislation and Industry Security Standards

Privacy Legislation and Industry Security Standards Privacy Legislation and Issue No. 3 01010101 01010101 01010101 Information is generated about and collected from individuals at an unprecedented rate in the ordinary course of business. In most cases,

More information

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system

More information

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS The following claim scenarios are hypothetical and are offered solely to illustrate the types of situations that may result in claims. Although sorted by industry,

More information

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec

Privacy / Network Security Liability Insurance Discussion. January 30, 2013. Kevin Violette RT ProExec Privacy / Network Security Liability Insurance Discussion January 30, 2013 Kevin Violette RT ProExec 1 Irrefutable Laws of Information Security 1) Information wants to be free People want to talk, post,

More information

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked Linda Vincent, R.N., P.I., CITRMS Vincent & Associates Founder The Identity Advocate San Pedro, California The opinions expressed

More information

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security

Enterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Enterprise Security Governance Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Governance and Organisational Model Risk Mgmt & Reporting Digital Risk & Security

More information

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become

More information

2013 Cost of Data Breach Study: Global Analysis

2013 Cost of Data Breach Study: Global Analysis 2013 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by Symantec Independently Conducted by Ponemon Institute LLC May 2013 Ponemon Institute Research Report Part 1. Executive Summary

More information

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks Data Security Breaches: Learn more about two new regulations and how to help reduce your risks By Susan Salpeter, Vice President, Zurich Healthcare Risk Management News stories about data security breaches

More information

2013 Cost of Data Breach Study: Global Analysis

2013 Cost of Data Breach Study: Global Analysis 2013 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by Symantec Independently Conducted by Ponemon Institute LLC May 2013 Ponemon Institute Research Report Part 1. Executive Summary

More information

Cyber and data Policy wording

Cyber and data Policy wording Please read the schedule to see whether Breach costs, Cyber business interruption, Hacker damage, Cyber extortion, Privacy protection or Media liability are covered by this section. The General terms and

More information

Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015

Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015 Distributor Liability Contract Risk Management THOMAS DOUGLASS APRIL 15, 2015 Today s Agenda What are we talking about today? What is Risk Evolution of risk management Understand the importance of Risk

More information

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048

Cybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Cybersecurity Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Setting expectations Are you susceptible to a data breach? October 7, 2014 Setting expectations Victim Perpetrator

More information

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers

More information

2015 Global Cyber Impact Report

2015 Global Cyber Impact Report 2015 Global Cyber Impact Report Sponsored by Aon Risk Services Independently conducted by Ponemon Institute LLC Publication Date: April 2015 2015 Global Cyber Impact Report Ponemon Institute, April 2015

More information

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat?

More information

Navigating the Waters of Incident Response and Recovery

Navigating the Waters of Incident Response and Recovery Navigating the Waters of Incident Response and Recovery Lee Kim, Esq. Tucker Arensberg, P.C. CERT Symposium: Cyber Security Incident Management for Health Information Exchanges June 26, 2013 2013 Lee Kim

More information

INSURANCE CYBER RISK Tine Olsen, Willis

INSURANCE CYBER RISK Tine Olsen, Willis INSURANCE CYBER RISK 18.06.2013 Tine Olsen, Willis CYBER RISICI Agenda: Introduction to Willis What are Cyber risks? Exposure and cases Risk management Risk transfer Insurance Closure and questions 1 Part

More information

Rogers Insurance Client Presentation

Rogers Insurance Client Presentation Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com

More information

The impact of the personal data security breach notification law

The impact of the personal data security breach notification law ICTRECHT The impact of the personal data security breach notification law On 1 January 2016 legislation will enter into force in The Netherlands requiring organisations to report personal data security

More information

Privacy and Data Breach Protection Modular application form

Privacy and Data Breach Protection Modular application form Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while

More information

CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014

CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014 CYBER LIABILITY Network Security and Privacy Bring on tomorrow May 15, 2014 1 AGENDA I. Identify Exposures II. Identify how a breach can occur III. The Coverage (Third Party Liability + First Party Losses)

More information