CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014
Size: px
Start display at page:

Download "CYBER LIABILITY. Bring on tomorrow. Network Security and Privacy. May 15, 2014"

Transcription

1 CYBER LIABILITY Network Security and Privacy Bring on tomorrow May 15,

2 AGENDA I. Identify Exposures II. Identify how a breach can occur III. The Coverage (Third Party Liability + First Party Losses) 2

3 HOW DO WE IDENTIFY EXPOSURES? Do they handle information? If so, what kind? Their own company (including employees) Their clients (Private - personal or commercial) Where do they store it? Do they have multiple computers? If so, do they operate on a network? If a network, do they operate the network themselves or outsource to a vendor? Do they have a website? What is on it? If so, can employees or third parties upload content (e.g. blog, post pictures, post comments)? Do they do anything to make sure they are not infringing on copyright, defaming or in general doing something controversial on their website? 3

4 HOW CAN A BREACH OCCUR? Internally Employees/Vendors Stealing Information (Card Skimming) Lost Resources (Laptop, Smart Phone, Tablet) Mishandling Of Paper Files Externally Individual Hackers/Organized Crime Stealing Information Sending Viruses/Malicious Code Disruption Of Business (Vandalism) 4

5 THIRD PARTY LIABILITY Security Failure A Failure of The Insured s Network Security Virus, Malicious Code, Malware Attacks Privacy Event A Failure to Protect Confidential Information Personal or Corporate Online or Offline Violation of any Federal, State or Local Privacy Statute Failure to Comply with PCI-DSS Standards Allegations Can Be Brought By Individuals, Businesses or Government Agencies 5

6 FIRST PARTY LOSSES Event Response How Can Insurance Respond? Providing notification to consumers based on state mandate Providing ID-monitoring or other remediation services to help minimize damages to those victimized Replacement of lost electronic data Performing a forensic investigation Providing public relations services 6

7 FIRST PARTY LOSSES Network Interruption Addresses loss of income and operating expenses when business operations are interrupted or suspended due to a failure of network security Cyber Extortion Network security related extortion demands made against the insured 7

8 CYBEREDGE INSURANCE COVERAGE Breach: A hospital employee sold patients personally identifiable information for tax fraud purposes. Coverage: The breach resulted in litigation against the Insured, and AIG provided the Insured with national and local counsel to best protect its interests. Breach: An server and external hard drive were stolen from the premises of an outside vendor compromising approximately 175,000 individuals. Coverage: AIG extended $1 Million of Event Management coverage for the cost of notifications and the retention of a law firm and public relations firm. Breach: An apparel retailer experienced a systems failure that resulted in massive customer service delays and customer walk-outs. Coverage: AIG retained a forensic accountant and reimbursed the Insured the full amount of lost sales in excess of the applicable waiting period. Breach: Hackers placed malware onto an Insured s network and demanded $3,000 to un-encrypt. After reporting the claim, the FBI advised the insured not to pay the ransom. Coverage: A forensics firm removed the malware and determined an employee of the Insured was responsible. AIG reimbursed the insured $50,000 for forensic costs. Breach: An Insured posted photographs of a celebrity and a corresponding story that implied he had been dealing illicit drugs online. Coverage: The celebrity denied the accusations and through counsel demanded a retraction of the story. AIG assisted the Insured in settling with the celebrity. The scenarios above are offered only as examples. Coverage depends on the actual facts of each data breach and the terms, conditions, and exclusions of each individual policy. 8

9 9

10 10

11 American International Group, Inc. (AIG) is a leading international insurance organization serving customers in more than 130 countries. AIG companies serve commercial, institutional, and individual customers through one of the most extensive worldwide property-casualty networks of any insurer. In addition, AIG companies are leading providers of life insurance and retirement services in the United States. AIG common stock is listed on the New York Stock Exchange and the Tokyo Stock Exchange. Additional information about AIG can be found at YouTube: LinkedIn: AIG is the marketing name for the worldwide property-casualty, life and retirement, and general insurance operations of American International Group, Inc. For additional information, please visit our website at All products and services are written or provided by subsidiaries or affiliates of American International Group, Inc. Products or services may not be available in all countries, and coverage is subject to actual policy language. Non-insurance products and services may be provided by independent third parties. Certain property-casualty coverages may be provided by a surplus lines insurer. Surplus lines insurers do not generally participate in state guaranty funds, and insureds are therefore not protected by such funds. Apple, the Apple logo, iphone and ipad are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Android and Google Play are trademarks of Google Inc. 11

Similar documents
2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback | Do Not Sell My Personal Information