THE C/EO PERSPECTIVE: WHAT YOU DON T KNOW WILL HURT YOU
|
|
- Darcy Walsh
- 7 years ago
- Views:
Transcription
1 THE C/EO PERSPECTIVE: WHAT YOU DON T KNOW WILL HURT YOU Cyber Liability in the Boardroom What you don t know will hurt you.
2 ABOUT JLT SPECIALTY JLT Specialty Insurance Services is the U.S. platform of JLT Group, the leading specialty business advisory firm. Our experts have deep industry and product experience serving the leading U.S. and global firms. Our client proposition is built upon our specialist knowledge, client advocacy, tailored advice and service excellence. Our culture reinforces the value of our people with teamwork and collaboration. Together, we place our clients first, champion independent thinking and expect to be judged on the results we deliver. ABOUT C/EO A key component of JLT Specialty s recent expansion of its US operations has been the formation of the Cyber and E&O Practice (C/EO), a team of motivated and skilled people who bring a wealth of experience in complex cyber and E&O placements and a proven track record of success in working with clients of all sizes. They are committed to growing a specialty business in the US market and are aligned with JLT Group s client-first culture and entrepreneurial drive. We pride ourselves on a pragmatic approach that leverages the Cyber and E&O Practitioners deep industry and product knowledge. This starts with an interactive exposure identification and priority discussion. We then transform this discussion into a risk transfer solution strategy, including proposed coverages, insurer partners and execution timeline.
3 The C/EO Perspective: What You Don t Know Will Hurt You 1 CYBER LIABILITY IN THE BOARDROOM When a company becomes the victim of a cyber breach, naturally fingers point in all directions the Chief Information Security Officer (if there is one) or the IT department in general; third party vendors that may have acted as an initial point of contact; foreign governments that have gained a reputation for hacking into competing companies; the Board. Wait the Board of Directors? Until recently, board accountability following a cyber breach was merely theoretical. In an ever evolving legal and regulatory environment, various theories of negligence and fault have been tested, in many cases unsuccessfully. The latest trend, however, puts even the Board at risk for liability stemming from a failure to protect their customers personal and financial information. Wyndham Worldwide has kept itself in the news following three data breaches over a period of 22 months, beginning in April 2008, resulting in the compromise of 600,000 records a relatively small community of victims based on 2014 standards. But Wyndham has taken an unprecedented approach in challenging, not the merits of the allegations, but the authority of the entity bringing regulatory action against them, namely the FTC. Following the FTC investigation and subsequent legal action, shareholders demanded, on two separate occasions, that the Board file suit against Wyndham officers for employing inadequate security controls. After the Board declined to bring suit a second time, the shareholder filed a derivative suit in February Ultimately, the court dismissed the suit with prejudice on the basis that the Board had conducted their due diligence and acted in the best interest of Wyndham. Though the Wyndham derivative suit was unsuccessful, it affirms the growing responsibility of the Board to actively engage in cyber security implementation. Wyndham was successful in dismissing the suit primarily because they had strong evidence to suggest that they were active in the breach response and cyber security conversation. How many Boards are employing the same due diligence before a breach occurs? With complex cyber issues threatening businesses of all sizes and sectors on a daily basis cited as 97% of all companies currently being hacked by FireEye CEO Dave DeWalt during a recent 60 Minutes segment - ignorance or lack of action is no longer a defense, and in fact, can expose a Board to liability. The failed derivative suit also acts as another example of how an established breach response plan, including third party assistance, can be the best defense against future liability. In another example, Heartland Payment Systems suffered a breach of a whopping 130 million records, discovered in early 2009, which is still considered to be the largest breach based on record count. Following disclosure of the breach, Heartland s stock plummeted 80%, prompting securities class action litigation. Though this suit was also dismissed for failing to meeting the pleading standards, it was aggressive in alleging that Heartland had made fraudulent statements during a 2008 earnings call, ultimately misleading investors regarding the state of their security controls. Nearly five years after the Heartland breach, and more than ten years since the first dedicated cyber insurance product was introduced, underwriters will candidly admit that they are still refining the questions and tools necessary to adequately evaluate exposure through a dedicated cyber underwriting effort, much less via the D&O placement, which in many cases has been a continuous renewal for several years. The SEC s attempt to incorporate clarity in financial statements regarding cyber security measures has actually done little to inform investors and other interested parties into the granular details necessary to assess a company s security measures.
4 2 The C/EO Perspective: What You Don t Know Will Hurt You According to the 2014 EY Global Information Security Survey, the second most critical, but overlooked foundational requirement of an organization without proper cyber security integration is to Get Board-level support for a security transformation. Redefine cybersecurity governance, e.g., realigning cybersecurity outside of the IT function and ensuring that the Board understands processes. Put another way, EY views Board support and collaboration to be as important as, and specifically, a fundamental principal along with, more commonly recognized practices like penetration testing, risk assessment and road mapping, continuity and incident response plans. Despite the dismissals, the Wyndham and Heartland lawsuits illustrate the potential litigation exposure arising out of a cyber breach to not only the company and its directors and officers, but also to its D&O insurers. Whereas coverage for the company under a public company D&O program is generally limited to claims alleging violations of securities laws, the scope of coverage for individual directors and officers (defendants in derivative litigation) is much broader. A D&O program, if properly negotiated, should protect the individuals for derivative litigation arising out of a cyber breach. Furthering the concern of D&O insurers, many jurisdictions questions to be asked of insureds and potential insureds at each placement. Underwriters will want to discuss the company s strategy to understand and mitigate the risk associated with a cyber breach as well as the role of the directors and officers in developing and reviewing that strategy. As is frequently the case with specialty insurance products where policy language and carrier appetite vary widely, no Insured should assume that all risks associated with a cyber breach are affirmatively covered. While a dedicated cyber policy should respond to many of the first and third party losses associated with a breach (if properly negotiated), the D&O policy should also be reviewed to ensure affirmative response to suits against the directors and officers resulting from a breach. Following Target s acknowledgement of their massive data breach in December 2013, two derivative suits were filed in January The suits allege Breach of Fiduciary Duty, Waste of Corporate Assets, Gross Mismanagement and Abuse of Control. Shareholders specifically allege that directors and officers failed to properly oversee Target s business and operations. Based on FireEye s assertion of 97% of all companies being breached, is any Board in a position to properly oversee their company s business preclude corporate indemnification for settlements and judgments resulting from derivative litigation implicating the Side A (non-indemnifiable loss) insuring agreement of the D&O program, eliminating the retention and putting the insurer s limit at greater risk. In light of this emerging exposure, D&O insurers are taking notice and companies should be prepared to address questions related to the firm s cyber exposure as part of the D&O Liability insurance renewal process - some insurers have even formalized a set of cyber security-related and operations? Based on The Global State of Information Security Survey 2015 conducted by PwC, only 42% of respondents confirm that the board is active in the security strategy, and only a quarter review current security and privacy risks. When less than half of these boards are involved in the security conversation, how can they adequately defend their ability to properly oversee businesses and operations? At the time of this publication, Sony has spent over a month as the leading cyber breach story, finding itself in the midst of a cyber security and
5 The C/EO Perspective: What You Don t Know Will Hurt You 3 Public Relations nightmare, with no foreseeable end in sight. Déjà vu all over again? Sony was on the receiving end of multiple targeted attacks by hacktivists in 2011, casting a lasting negative light, not only due to their response, but the actions that led to the retaliatory attacks. Three years later, Sony can t seem to exit the spotlight nor the rhetorical question of did they learn nothing the first time? More troublesome then finding yourself as the victim of a cyber attack is finding yourself in that situation again. As the release of information by the attackers, calling themselves Guardians of Peace slowing, and the modified, but no less controversial release of the film at the heart of the attack having come and gone to earn much lower revenue figures than originally forecast, the next phase of the conversation is speculation as to the types of losses Sony is likely facing now, and likely to face in the future. To date, Sony has been named in four suits, one of which filed by two former employees in federal court alleges that Sony failed to secure its computer systems, servers and databases because Sony made a business decision to accept the risk of losses associated with being hacked. Though Sony s own s obtained and released by the hackers seem to support the claim that their controls were lackluster and demonstrate some warnings from their IT department and others, this specific allegation begs the question of whether a company s choice to accept the financial and reputational risk associated with a cyber breach introduces a new theory of liability. If Sony s decision makers were aware of the risk but chose to assume it, does that mean that the decision makers at 97% of companies that are purportedly currently being hacked, or those that choose not to insure the financial aspect of a cyber breach are breaching their Fiduciary Duty, or failing to properly oversee their business and operations? Included in the list of suits that Sony is likely to face in the future is shareholder litigation as a result of the low revenue figures earned from the film s modified release. Sony s share price took a rather large tumble in 2011 resulting from the hacktivist attack, and though no shareholder suit followed, based on recent activity and expectations of accountability, the Board should be prepared to defend their ability to properly oversee their business and operations, even more so because of the 2011 breach. So, what is a Board to do when they can t cross their fingers and hope to be part of the 3% of companies that have somehow eluded the threat of cyber criminals to date? Despite much of the litigation against directors and officers pending, and others unsuccessfully testing various theories, it is clear that preparedness, or lack thereof, is a common theme among the suits. Boards need to take an active role in the ongoing responsibility of cyber security, which goes far beyond simply trying to prevent intrusions. Minimizing the information that can leave the organization, knowing how the company will respond once an incident occurs, and ensuring that they have taken all reasonable and appropriate measures to minimize the harm not only to the customer or individuals whose information may be at risk, but now the shareholders, too. JLT s Cyber Liability and D&O experts are well versed in this emerging exposure and welcome the opportunity to engage in additional dialogue. The C/EO team utilizes a defined, pragmatic approach in order to evaluate cyber liability exposures and craft a customized policy to meet the insured s specific needs. Part of that process includes the evaluation of ancillary policies and coverage that could be impacted in the event of a cyberattack. JLT s experienced D&O brokers work in conjunction with the attorneys in our dedicated Legal & Claims Practice and the C/EO team to conduct a gap analysis on the existing D&O program, remediate coverage deficiencies, ensure coordination between the D&O and Cyber Liability programs and maximize protection for both personal and corporate assets. If you d like to discuss how your company can coordinate and contain your cyber liability exposures among your various insurance policies or otherwise, please don t hesitate to contact the brokers at JLT Specialty.
6 FOR D&O INQUIRIES WILLIAM KROUPA Vice President, JLT Specialty Insurance Services, Inc. Financial Lines Group FOR CYBER INQUIRIES SHANNON GROEBER Senior Vice President JLT Specialty Insurance Services, Inc. Cyber/E&O JLT Specialty Insurance Services, Inc. Centre Square East 1500 Market Street Philadelphia, PA Tel Lloyd s Broker. Authorised and regulated by the Financial Conduct Authority. A member of the Jardine Lloyd Thompson Group. Registered Office: The St Botolph Building, 138 Houndsditch, London EC3A 7AW. Registered in England No VAT No December 2014 xxxxxx
EMERGING CYBER RISK CYBER ATTACKS AND PROPERTY DAMAGE: WILL INSURANCE RESPOND?
EMERGING CYBER RISK CYBER ATTACKS AND PROPERTY DAMAGE: WILL INSURANCE RESPOND? ABOUT JLT SPECIALTY JLT Specialty Insurance Services is the U.S. platform of JLT Group, the leading specialty business adivsory
More informationCyber Risks Connect With Directors and Officers
Cyber Risks Connect With Directors and Officers Implications of the New SEC Guidance on Cyber Security February 2012 Lockton Companies, LLC The Securities and Exchange Commission (SEC) has changed the
More informationCLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR?
CLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR? These days, it is rare to turn on the news and not hear about a new data breach affecting U.S. companies and consumers. In fact,
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationReducing Cyber Risk in Your Organization
Reducing Cyber Risk in Your Organization White Paper 2016 The First Step to Reducing Cyber Risk Understanding Your Cyber Assets With nearly 80,000 cyber security incidents worldwide in 2014 and more than
More informationCYBER LIABILITY RISKS SEMINAR Programme overview. THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading
CYBER LIABILITY RISKS SEMINAR Programme overview THURSDAY 1 OCTOBER 2015 8.30am 1.00pm Green Park Conference Centre, Reading JLT Specialty (JLT) would like to invite you to a highly informative technical
More informationJoe A. Ramirez Catherine Crane
RIMS/RMAFP PRESENTATION Joe A. Ramirez Catherine Crane RISK TRANSFER VIA INSURANCE Most Common Method Involves Assessment of Risk and Loss Potential Risk of Loss Transferred For a Premium Insurance Contract
More informationOctober 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches
October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title
More informationEliminating the Prohibition Against General Solicitation and General Advertising in Rule 506 and Rule 144A Offerings File No.
Eliminating the Prohibition Against General Solicitation and General Advertising in Rule 506 and Rule 144A Offerings File No.: S7-07-12 Comments to Securities and Exchange Commission Regarding General
More informationHOW DID NETWORK SECURITY AND PRIVACY ISSUES BECOME D&O EXPOSURES?
HOW DID NETWORK SECURITY AND PRIVACY ISSUES BECOME D&O EXPOSURES? MODERATOR: Richard J. Bortnick, Esq., Defense Attorney, Cozen O Connor PANELISTS: Anjali Das, MBA, Esq., Partner, Wilson Elser Moskowitz
More informationUNDERSTANDING INSURANCE OPTIONS For Early Stage Hedge Funds. Leading by Performance
UNDERSTANDING INSURANCE OPTIONS For Early Stage Hedge Funds Leading by Performance JLT: Understanding insurance options for Early Stage Hedge Funds INSURANCE NEED NOT BE TIME CONSUMING NOR CONFUSING As
More informationDelaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP
Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats
More informationWILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES
WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES This special report examines the cyber risk disclosures made by the retail sector of the Fortune 1000.
More informationJLT Specialty Limited is a member of the Jardine Lloyd Thompson Group of companies. Jardine Lloyd Thompson Group plc is an international group of
JLT Specialty Limited is a member of the Jardine Lloyd Thompson Group of companies. Jardine Lloyd Thompson Group plc is an international group of Risk Specialists and Employee Benefits Consultants. Listed
More informationCybersecurity y Managing g the Risks
Cybersecurity y Managing g the Risks Presented by: Steven L. Caponi Jennifer Daniels Gregory F. Linsin 99 Cybersecurity The Risks Are Real Perpetrators are as varied as their goals Organized Crime: seeking
More informationCYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison
CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison Gary Solway* Bennett Jones LLP The August release of the purported names and other details of over 35 million customers
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationData Privacy and Cybersecurity Task Force
Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,
More informationManaging Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal
Managing Cyber Threats Risk Management & Insurance Solutions Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal Overview Recent Trends and Loss Exposures Risk Management Strategies
More informationTen Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder
Ten Questions Your Board Should be asking about Cyber Security Eric M. Wright, Shareholder Eric Wright, CPA, CITP Started my career with Schneider Downs in 1983. Responsible for all IT audit and system
More informationUNDERSTANDING INSURANCE OPTIONS For start-up Hedge Funds. Tailor made advice
UNDERSTANDING INSURANCE OPTIONS For start-up Hedge Funds Tailor made advice JLT: Understanding insurance options for start-up Hedge Funds INSURANCE DOESN T HAVE TO BE CONFUSING OR TIME CONSUMING As Hedge
More informationWhat are the main liability policies you should consider for your commercial business?
A PUBLICATION BY: GODFREY MORROW GODFREY INSURANCE MORROW AND INSURANCE FINANCIAL AND SERVICES FINANCIAL LTD. SERVICES LTD. 2012 What are the main liability policies you should consider for your commercial
More informationDiscussion on Network Security & Privacy Liability Exposures and Insurance
Discussion on Network Security & Privacy Liability Exposures and Insurance Presented By: Kevin Violette Errors & Omissions Senior Broker, R.T. Specialty, LLC February, 25 2014 HFMA Washington-Alaska Chapter
More informationCurrent trends in D&O liability and insurance in the United States. Kevin M. LaCroix, Executive Vice President, RT Pro Exec and Author, The D&O Diary
Current trends in D&O liability and insurance in the United States Kevin M. LaCroix, Executive Vice President, RT Pro Exec and Author, The D&O Diary Outline Key differences between US and Australian litigation
More informationCyber Security Evolved
Cyber Security Evolved Aware Cyber threats are many, varied and always evolving Being aware is knowing what is going on so you can figure out what to do. The challenge is to know which cyber threats are
More informationCyber/ Network Security. FINEX Global
Cyber/ Network Security FINEX Global ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over
More informationBig Data As a Threat? An Alternative Approach to Cybersecurity
Big Data As a Threat? An Alternative Approach to Cybersecurity February 11, 2015 Brian Finch, Pillsbury Winthrop Shaw Pittman Brian Fox, PwC Pillsbury Winthrop Shaw Pittman LLP Data Breaches and Cyber
More informationNewsletter No. 194 (EN) Directors and Officers (D&O) Liability Insurance in Hong Kong
Newsletter No. 194 (EN) Directors and Officers (D&O) Liability Insurance in Hong Kong December 2015 All r ig ht s r e ser ved Lo r e nz & P art ner s 2015 Although Lorenz & Partners always pays great attention
More informationCyber Security: Not if, but when...
Cyber Security: Not if, but when... Gerry Stegmaier Partner, Privacy and Data Security, Goodwin Procter Paul Luehr Managing Director & Chief Privacy Officer, Stroz Friedberg June 2015 Costs of Data Breaches
More informationPRIORITIZING CYBERSECURITY
April 2016 PRIORITIZING CYBERSECURITY Five Investor Questions for Portfolio Company Boards Foreword As the frequency and severity of cyber attacks against global businesses continue to escalate, both companies
More informationM&A insurance applications and opportunities
realestate RealEstate REAL ESTATE TECHNICAL AND LEGAL BULLETIN NOVEMBER 2013 M&A insurance applications and opportunities In the past, insurance has been used to solve a problem on a deal often as a last
More informationBE ON GUARD. Understanding the Executive Liability Risks That Can Threaten Your Biotechnology Company
Presented by BIO, Monitor Liability Managers, LLC and William Gallagher Associates BE ON GUARD Understanding the Executive Liability Risks That Can Threaten Your Biotechnology Company Serge Adam, AVP Claims
More informationINVESTMENT MANAGEMENT. Investment Management Services
INVESTMENT MANAGEMENT Investment Management Services World class team JLT Investment Solutions employs over 60 people. Our entire focus is on investing our clients money. We are based in Exeter, Bournemouth,
More informationHow to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised
ACE USA Podcast Released June 24, 2010 How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior Vice President, ACE North America Marketing
More informationCYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS
CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS 1 As regulators around the world move to tighten compliance requirements for financial institutions, improvement in cyber security controls will become
More informationCyber Insurance in an Evolving Liability Landscape: Informed, Strategic Expectations Monday, February 29, 2016 2:00pm 3:00pm
Cyber Insurance in an Evolving Liability Landscape: Informed, Strategic Expectations Monday, February 29, 2016 2:00pm 3:00pm Kimberly B. Holmes, Esq., RPLU VP, Product Development, Chief Underwriting Office
More informationInformation Security & Negligence Targeting the C-Class
Information Security & Negligence Targeting the C-Class By Carter Schoenberg Numerous recommendations since September 11, 2001 have been published on the evils of negligence relative to protecting one
More informationPRIVATE COMPANY MANAGEMENT LIABILITY INSURANCE COVERAGE INCONSISTENCIES
PRIVATE COMPANY MANAGEMENT LIABILITY INSURANCE COVERAGE INCONSISTENCIES The private company management liability insurance industry continues to evolve. While the number of insurers participating in the
More informationConnecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm
Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom kpmg.bm Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom 1 Connecting the dots:
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationCoverage is subject to a Deductible
Frank Cowan Company Limited 75 Main Street North, Princeton, ON N0J 1V0 Phone: 519-458-4331 Fax: 519-458-4366 Toll Free: 1-800-265-4000 www.frankcowan.com CYBER RISK INSURANCE DETAILED APPLICATION Notes:
More informationIncreased Regulatory Focus on Cybersecurity Underscores Need for Public Companies to Review Cybersecurity-Related Disclosures
Increased Regulatory Focus on Cybersecurity Underscores Need for Public Companies to Review Cybersecurity-Related Disclosures March 11, 2014 I. RECENT FOCUS ON CYBERSECURITY As a result of recent highly-publicized
More informationDragonshield Proposal Form Broad Form Management Liability Insurance
AIG Insurance Hong Kong Limited Dragonshield Proposal Form Broad Form Management Liability Insurance Notices: In underwriting your application for coverage, the insurer will rely upon the accuracy and
More informationData breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC
Data breach! cyber and privacy risks Brian Wright Michael Guidry Lloyd Guidry LLC Collaborative approach Objective: To develop your understanding of a data breach, and risk transfer options to help you
More informationProtecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks
Protecting Your Assets: How To Safeguard Your Fund Against Cyber Security Attacks Hacks, breaches, stolen data, trade secrets hijacked, privacy violated, ransom demands made; how can you protect your data
More informationCYBER BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIM & LEGAL GROUP
www.willis.com CYBER BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIM & LEGAL GROUP INSIDE THIS EDITION... CYBER CLAIMS LANDSCAPE A SAMPLING OF LARGE CYBER SETTLEMENTS LEGAL SPOTLIGHT, PRIVILEGE
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationRogers Insurance Client Presentation
Rogers Insurance Client Presentation Network Security and Privacy Breach Insurance Presented by Matthew Davies Director Professional, Media & Cyber Liability Chubb Insurance Company of Canada mdavies@chubb.com
More informationWILLIS SPECIAL REPORT: 10K DISCLOSURES HOW TECHNOLOGY AND TELECOM COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES
WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW TECHNOLOGY AND TELECOM COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES This special report examines the cyber risk disclosures made by the technology and telecommunications
More informationCyberSecurity for Law Firms
CyberSecurity for Law Firms Cracking the Cyber Code: Recent Headlines, Reinforcing the Need and Response Planning July 16, 2013 Making the Case Matthew Magner Senior Underwriting Officer Chubb & Son, a
More informationBT Assure Threat Intelligence
BT Assure Threat Intelligence Providing you with the intelligence to help keep your organisation safe BT Assure. Security that matters At all times, organisations are vulnerable to all kinds of cyber attacks
More informationenergy JLT Specialty Limited Demand Different
energy JLT Specialty Limited Demand Different JLT Specialty Limited Putting clients first JLT Specialty s Energy Division is recognised as a leading energy broker worldwide. In 2012, JLT Group placed more
More informationWhite Paper on Financial Industry Regulatory Climate
White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during
More informationrisk management & crisis response Building a Proactive Risk Management Program
October 2014 risk management & crisis response Building a Proactive Risk Management Program Increasingly, businesses face a myriad of issues that expose them and their officers and directors to litigation,
More informationCGI Cyber Risk Advisory and Management Services for Insurers
CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their
More informationInsurance for Data Breaches in the Hospitality Industry
The Academy of Hospitality Industry Attorneys The Pl Palmer House Hilton Chicago, IL April 25, 2014 Insurance for Data Breaches in the Hospitality Industry Presenters: David P. Bender, Jr. dbender@andersonkill.com
More informationCRISIS MANAGEMENT: Practice Series. The Economy, Security and Coping with the Unexpected. Anton R. Valukas. Robert R. Stauffer. Thomas P.
Practice Series CRISIS MANAGEMENT: The Economy, Security and Coping with the Unexpected Anton R. Valukas Robert R. Stauffer Thomas P. Monroe 2002 JENNER & BLOCK, LLC ALL RIGHTS RESERVED Offices One IBM
More informationAnatomy of a Hotel Breach
Page 1 of 6 Anatomy of a Hotel Breach Written by Sandy B. Garfinkel Monday, 09 June 2014 15:22 Like 0 Tweet 0 0 Data breach incidents have dominated the news in 2014, and they are only becoming more frequent
More informationPosted by David A. Katz, Wachtell, Lipton, Rosen & Katz, on Sunday December 16, 2012 at 10:20 am
1 of 7 5/8/2014 7:34 PM Posted by David A. Katz, Wachtell, Lipton, Rosen & Katz, on Sunday December 16, 2012 at 10:20 am Editor s Note: David A. Katz is a partner at Wachtell, Lipton, Rosen & Katz specializing
More informationThe Financial Insurance Guide for Investment Advisors
ESTABLISHED 1957 The Financial Insurance Guide for Investment Advisors Asset management firms require a special expertise in insurance product design and placement. Investment Advisors need to be concerned
More informationHow To Get A Security Insurance Policy From Jlt.Com
Introduction to Kidnap+ Ransom Insurance Introduction Today s world has seen a number of factors combining to shape an ever-changing investment environment - especially in emerging markets. This backdrop
More informationIntroduction to Medical Malpractice Insurance
William Gallagher Associates Introduction to Medical Malpractice Insurance What is Medical Malpractice Insurance? Insurance, in general, is the practice of sharing your risk with a large number of individuals
More informationCybersecurity. Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048
Cybersecurity Shamoil T. Shipchandler Partner, Bracewell & Giuliani LLP 214.758.1048 Setting expectations Are you susceptible to a data breach? October 7, 2014 Setting expectations Victim Perpetrator
More informationData security: A growing liability threat
Data security: A growing liability threat Data security breaches occur with alarming frequency in today s technology-laden world. Even a comparatively moderate breach can cost a company millions of dollars
More informationFINRA Publishes its 2015 Report on Cybersecurity Practices
Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More informationCyber-insurance: Understanding Your Risks
Cyber-insurance: Understanding Your Risks Cyber-insurance represents a complete paradigm shift. The assessment of real risks becomes a critical part of the analysis. This article will seek to provide some
More informationOur specialist insurance services for Professionals risks
Our specialist insurance services for Professionals risks Price Forbes & Partners is an independent Lloyd s broker based in the heart of London s insurance sector. We trade with all of the major international
More informationTools Conference Toronto November 26, 2014 Insurance for NFP s. Presented by Paul Spark HUB International HKMB Limited
Tools Conference Toronto November 26, 2014 Insurance for NFP s Presented by Paul Spark HUB International HKMB Limited Topics Insurance Policies Basics Directors and Officers Liability Insurance Commercial
More informationCYBERSECURITY: Is Your Business Ready?
CYBERSECURITY: Is Your Business Ready? Cybersecurity: Is your business ready? Cyber risk is just like any other corporate risk and it must be managed from the top. An organization will spend time monitoring
More informationCybersecurity Developments and the Growing Role of Senior Executives and Directors
Cybersecurity Developments and the Growing Role of Senior Executives and Directors From the 2013 Target Corporation breach to this year s attacks on Primera Blue Cross and American Airlines Group Inc.,
More information7 Steps to Protect Your Company from a Data Breach
7 Steps to Protect Your Company from a Data Breach August 11, 2015 Michael Pinna and Stuart Nussbaum Millions of government personnel files were recently compromised as part of a malicious hacking of the
More informationTHE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS
THE DIGITAL AGE THE DEFINITIVE CYBERSECURITY GUIDE FOR DIRECTORS AND OFFICERS Download the entire guide and follow the conversation at SecurityRoundtable.org Investment in cyber insurance Lockton Companies
More informationHelping you protect your good intentions
School Foundation Insurance Program TM School Foundation Insurance Program Liability Coverage Helping you protect your good intentions Coverage for Directors, Officers, Trustees, Employees & Volunteers
More informationInsurance Coverage During the Economic Crisis. by Bianca R. Chapman and Marc Rosenthal
Insurance Coverage During the Economic Crisis by Bianca R. Chapman and Marc Rosenthal The current financial crisis has resulted in unprecedented market volatility, credit concerns, market losses and bankruptcies
More informationCommon Mistakes Made With Real Estate Errors and Omissions Insurance. Gallagher Real Estate & Hospitality
Common Mistakes Made With Real Estate Errors and Omissions Insurance Gallagher Real Estate & Hospitality MARCH 2015 Common Mistakes Made With Real Estate Errors and Omissions Insurance Complex real estate
More informationHow To Protect Your Cybersecurity From Cyber Incidents
SEC ENFORCEMENT The SEC s Two Primary Theories in Cybersecurity Enforcement Actions By Daniel F. Schubert, Jonathan G. Cedarbaum and Leah Schloss WilmerHale Cyber attacks are increasingly common and affect
More informationIAPP Global Privacy Summit 2014 The SEC and Cybersecurity: What Every Publicly Traded Company Must Know
IAPP Global Privacy Summit 2014 The SEC and Cybersecurity: What Every Publicly Traded Company Must Know Moderator: Elaine Wolff, Partner Corporate Finance and Securities Practice, Jenner & Block Mary Ellen
More informationALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage
ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage VENABLE LLP Attorneys at Law Washington, DC/New York/San Francisco/Los Angeles/Baltimore/Virginia/Delaware November
More informationIs Your Financial Institutions' Insurance Policy vulnerable to a cyber claim? Joan D Ambrosio, James Cooper and Kim West 22 January 2014
Is Your Financial Institutions' Insurance Policy vulnerable to a cyber claim? Joan D Ambrosio, James Cooper and Kim West 22 January 2014 Cyber Exposures Joan D Ambrosio Reported data breaches continue
More informationBOARD OF GOVERNORS MEETING JUNE 25, 2014
CYBER RISK UPDATE BOARD OF GOVERNORS MEETING JUNE 25, 2014 EXECUTIVE SUMMARY Cyber risk has become a major threat to organizations around the world, as highlighted in several well-publicized data breaches
More informationCyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014
Cyber Risk Checklist: Compliance with Legal Obligations Grand Rapids Cyber Security Conference April 23, 2014 2014, Mika Meyers Beckett & Jones PLC All Rights Reserved Presented by: Jennifer A. Puplava
More informationCybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission. June 25, 2015
Cybersecurity for Nonprofits: How to Protect Your Organization's Data While Still Fulfilling Your Mission June 25, 2015 1 Your Panelists Kenneth L. Chernof Partner, Litigation, Arnold & Porter LLP Nicholas
More informationour promises. Our policies are Claims Management Highlights Panel Counsel Depth in Leadership. Trusted Partnership. Fold Fold
Our policies are our promises. Claims Management Highlights Efficient, effective and timely communications between the insured, the broker and the Ironshore claims department Expedited claims acknowledgment
More informationCYBER SECURITY SPECIALREPORT
CYBER SECURITY SPECIALREPORT 32 The RMA Journal February 2015 Copyright 2015 by RMA INSURANCE IS AN IMPORTANT TOOL IN CYBER RISK MITIGATION Shutterstock, Inc. The time to prepare for a potential cyber
More informationThe promise and pitfalls of cyber insurance January 2016
www.pwc.com/us/insurance The promise and pitfalls of cyber insurance January 2016 2 top issues The promise and pitfalls of cyber insurance Cyber insurance is a potentially huge but still largely untapped
More informationDefining the Gap: The Cybersecurity Governance Study
Defining the Gap: The Cybersecurity Governance Study Sponsored by Fidelis Cybersecurity Independently conducted by Ponemon Institute LLC Publication Date: June 2015 Ponemon Institute Research Report Defining
More informationSecurity Incident Response Process. Category: Information Security and Privacy. The Commonwealth of Pennsylvania
Security Incident Response Process Category: Information Security and Privacy The Commonwealth of Pennsylvania Executive Summary The Commonwealth of Pennsylvania is a trusted steward of citizen information.
More informationCYBER RISK SECURITY, NETWORK & PRIVACY
CYBER RISK SECURITY, NETWORK & PRIVACY CYBER SECURITY, NETWORK & PRIVACY In the ever-evolving technological landscape in which we live, our lives are dominated by technology. The development and widespread
More informationHow To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
More informationCREDIT, POLITICAL & SECURITY RISKS ANALYTICS & CONSULTANCY. Protecting business and securing opportunity
CREDIT, POLITICAL & SECURITY RISKS ANALYTICS & CONSULTANCY Protecting business and securing opportunity CREDIT, POLITICAL & SECURITY RISKS CONSULTANCY Protecting business and securing opportunity INTRODUCTION
More informationWritten Testimony of Michael Menapace. Sen. Jerry Moran, Sen. Blumenthal, and other members of the Subcommittee -
Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security Hearing entitled Examining the Evolving Cyber Insurance Marketplace. Thursday, March 19, 2015 Written Testimony of Michael
More informationDIRECTORS & OFFICERS LIABILITY INSURANCE
DIRECTORS & OFFICERS LIABILITY INSURANCE INTRODUCTION C or p or ate indemni cation and insurance policies designed to protect D i r e c t o r s a n d c e r s ( D & O s ) a r e complex technical documents.
More informationWhat Data? I m A Trucking Company!
What Data? I m A Trucking Company! Presented by: Marc C. Tucker 434 Fayetteville Street, Suite 2800 Raleigh, NC, 27601 919.755.8713 marc.tucker@smithmoorelaw.com Presented by: Rob D. Moseley, Jr. 2 West
More informationIn an ever changing business and social environment it has become increasingly
DIRECTORS AND OFFICERS INSURANCE ISSUES By: National Business Institute June 20, 2008 Howard L. Lieber FISHER KANARIS, P.C. 200 South Wacker Drive 22nd Floor Chicago, Illinois 60606 312/474-1400 In an
More informationOECD PROJECT ON CYBER RISK INSURANCE
OECD PROJECT ON CYBER RISK INSURANCE Introduction 1. Cyber risks pose a real threat to society and the economy, the recognition of which has been given increasingly wide media coverage in recent years.
More informationSharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So?
Sharing Cybersecurity Threat Info With the Government -- Should You Be Afraid To Do So? Bruce Heiman K&L Gates September 10, 2015 Bruce.Heiman@klgates.com (202) 661-3935 Why share information? Prevention
More informationHit ratios are still very low for Security & Privacy coverage: What are companies waiting for?
Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for? Authored by Neeraj Sahni and Tim Stapleton Neeraj Sahni is Director, Insurance Channel at Kroll Cyber Investigations
More informationVENDOR MANAGEMENT. General Overview
VENDOR MANAGEMENT General Overview With many organizations outsourcing services to other third-party entities, the issue of vendor management has become a noted topic in today s business world. Vendor
More informationCyber Exposure for Credit Unions
Cyber Exposure for Credit Unions What it is and how to protect yourself L O C K T O N 2 0 1 2 www.lockton.com Add Cyber Title Exposure Here Overview #1 financial risk for Credit Unions Average cost of
More information