Allianz Global Corporate & Specialty. Cyber Risks. Recent Trends. AIRMIC 15 th June 2015



Similar documents
Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

CSR Breach Reporting Service Frequently Asked Questions

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Identity Theft Security and Compliance: Issues for Business

Cyber Insurance Presentation

Cyber/ Network Security. FINEX Global

Mitigating and managing cyber risk: ten issues to consider

Data Breach and Senior Living Communities May 29, 2015

2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage

How To Cover A Data Breach In The European Market

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Cyber-Crime Protection

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

cyber invasions cyber risk insurance AFP Exchange

Cybercrime: risks, penalties and prevention

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill

Network Security & Privacy Landscape

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal

CYBER & PRIVACY LIABILITY INSURANCE GUIDE

Cyber Threats: Exposures and Breach Costs

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Managing Cyber Risk through Insurance

Cyber-insurance: Understanding Your Risks

How To Protect Your Data From Hackers

Cyber Risks and Insurance Solutions Malaysia, November 2013

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Cyber Security - What Would a Breach Really Mean for your Business?

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

The potential legal consequences of a personal data breach

CYBER RISK SECURITY, NETWORK & PRIVACY

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group Ext. 7029

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for?

Understanding the Business Risk

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Rogers Insurance Client Presentation

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem.

Cyber Risk Insurance for Agents. Frequently Asked Questions

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Cyber Insurance: How to Investigate the Right Coverage for Your Company

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

DATA AND PAYMENT SECURITY PART 1

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA Toll Free: (877) IRON411

Cyber and data Policy wording

Insurance implications for Cyber Threats

Securing Critical Information Assets: A Business Case for Managed Security Services

WFG Title Agents Insurance Program wfgagents.usi.biz

Why Encryption is Essential to the Safety of Your Business

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Liability Insurance: It May Surprise You

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Cybersecurity Issues for Community Banks

Embracing Cyber Risk: Insurance Solutions

An Introduction to Cyber Liability Insurance. Catherine Berry Senior Underwriter

I ve been breached! Now what?

Joe A. Ramirez Catherine Crane

What would you do if your agency had a data breach?

Data Privacy & Security: Essential Questions Every Business Must Ask

Security Risk Management Strategy in a Mobile and Consumerised World

Maritime Insurance Cyber Security Framing the Exposure. Tony Cowie May 2015

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

PCL2\ \1 CYBER RISKS: RISK MANAGEMENT STRATEGIES

CYBER SECURITY SPECIALREPORT

Cybersecurity Workshop

How-To Guide: Cyber Security. Content Provided by

Data Privacy, Security, and Risk Management in the Cloud

Data and Cyber Laws Up-date 9 July 2015

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

Discussion on Network Security & Privacy Liability Exposures and Insurance

CYBER LIABILITY INSURANCE

CYBER/ NETWORK SECURITY

Transcription:

Allianz Global Corporate & Specialty Cyber Risks Recent Trends AIRMIC 15 th June 2015 Copyright Allianz Global Corporate & Specialty 2014 1

Copyright Allianz Global Corporate & Specialty 2014 2

Allianz Global Corporate & Specialty Cyber Risks Recent Trends AIRMIC 15 th June 2015 Copyright Allianz Global Corporate & Specialty 2014 3

Legislation & Regulation DPA 1998 (Data Protection Act) implementing the Data Protection Directive (95/46/EC) PECR 2003 (Privacy and Electronic Communications Regulations) Published guidance from the ICO in respect of the obligations imposed by legislation. HIPAA (Health Insurance Portability and Accountability Act) COPPA (Children s Online Privacy Protection Act) GLBA (Gramm Leach Bliley Act) FCRA (Fair Credit Reporting Act). As of January 2013; 46 States have enacted notification laws involving security breaches of personal information. Main piece of legislation on the horizon is the Data Protection Regulation/Directive which will replace the existing Data Protection Directive. GDPR proposes up to 5% of global t/o as a fine 4

Exercise 1 Within your groups identify the main risks/exposures to your organisations from a cyber incident*. Select a spokesperson to present these. *a cyber incident can be an attack (external or internal), internal errors and omissions or indeed unexpected technical failures. 5

What are the risks? Data loss Business Interruption Property damage Extortion Theft Identity theft Reputational damage IPR loss of trade secrets and confidential information

What are the risks? Regulatory actions and associated fines and penalties (inc. PCI fines) Breach of contract (E&O) Product recall Terrorism Notification costs and other response costs Forensic IT costs Media liability Network security liability D&O liability

Cyber Threats Source: Threat Landscape: European Network and Information Security Agency The different types of threat posed by cyber criminals are nearly all increasing. When the threats are mapped to emerging areas of technology the picture becomes very concerning; In 2012 the first drive-bydownload for the Android OS was spotted so in addition to PC s this is now a threat for mobile devices as well. Cloud computing concentrates large numbers of users and huge amounts of data on a small number of logical locations, the attractiveness for criminals is obvious.

Exercise 2 Within your groups determine where the risks/exposures you identified are covered by insurance. Select a spokesperson to present these.

Potential Insurance Solutions Risks Data loss Business Interruption Property damage Extortion Theft Identity theft Reputational damage IPR loss of trade secrets and confidential information Regulatory actions and associated fines and penalties (inc. PCI fines) Cyber Insurance Solutions Y Cyber (& maybe E&O) Y Cyber (non physical damage BI) N cover in property policy? Y Cyber (& KR&E) Y Cyber (& Commercial Crime) Y Cyber (& IDT policy) Y Cyber limited cover (& Reputational policy) Y Cyber limited cover (E&O & IPR policy) Y Cyber(potentially E&O)

Potential Insurance Solutions Risks Breach of contract (E&O) Product recall Terrorism Notification costs and other response costs Forensic IT costs Media liability Network security liability D&O liability Cyber Insurance Solutions N (E&O policy) (Cyber partially) N (PL policy) Y (not physical damage though) Y (may also be covered in a E&O policy) Y (may also be covered in a E&O policy) Y (E&O potentially & Media liability policy) Y (E&O potentially) N (maybe under D&O)

Incidents Vodafone Germany hack hits two million customers German steel mill attacked causing massive damage to a blast furnace American Airlines Flights Delayed After App Issues in Cockpit Thousands of American and United airlines accounts hacked, with thieves booking dozens of free trips

Incidents Orange Suffers Data Breach Again, 1.3 Million Affected Morrisons employee arrested following data breach involving details of 100k staff British Gas Help Twitter account hacked, customers pointed towards phishing sites

Incidents Information Commissioner s Office Suffers Data Security Breach Massive Paddy Power hack: nearly 650,000 customers records stolen Syrian Electronic Army attack on Gigya affects Telegraph, Independent, Evening Standard

BACK UP SLIDES Copyright AGCS 15

Risk Management Most cyber fraud can be prevented by good risk management, indeed the GCHQ report on cyber security estimates up to 80% of attacks can be prevented by basic information risk management. 10 Steps To Cyber Security CESG (The information security arm of GCHQ) Copyright AGCS 16