Beazley Group Beazley Breach Response. A data breach isn t always a disaster Mishandling it is.



Similar documents
Privacy Rights Clearing House

The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services

THE DATA BREACH: How to stay defensible before, during and after the incident. after the incident.

The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services

The Future of Data Breach Risk Management Response and Recovery. The Cybersecurity Forum April 14, 2016

Cyber Liability & Data Breach Insurance Claims

Managing Your Cyber & Data Risk 2010 NTA Convention Montreal, Quebec

Data Breach and Senior Living Communities May 29, 2015

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd

erisks Policyholder s Guide to Privacy & Security Breach Response Planning

PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS

What would you do if your agency had a data breach?

How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised

Managing Cyber & Privacy Risks

WHITE PAPER KEEPING CLIENT AND EMPLOYEE DATA SECURE DRIVES REVENUE AND BUILDS TRUST PROTECTING THE PROTECTOR

2011 Data Breach Notifications Report

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Cyber Liability. Michael Cavanaugh, RPLU Vice President, Director of Production Apogee Insurance Group Ext. 7029

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

Cyber-Crime Protection

Network Security & Privacy Landscape

Cyber Liability. AlaHA Annual Meeting 2013

Beazley Claims. Service you can depend on

Data Breach and Cybersecurity: What Happens If You or Your Vendor Is Hacked

Cyber/Information Security Insurance. Pros / Cons and Facts to Consider

Implementing Electronic Medical Records (EMR): Mitigate Security Risks and Create Peace of Mind

Privacy and Data Breach Protection Modular application form

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

Network Security & Privacy Landscape

What Data? I m A Trucking Company!

Preparedness for Data Breach Events Inside and Outside Your Credit Union

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Data Breaches in the Government Sector. A Rapid7 Research Report

Don t Be a Victim to Data Breach Risks Protecting Your Organization From Data Breach and Privacy Risks

BOARD OF GOVERNORS MEETING JUNE 25, 2014

Understanding Professional Liability Insurance

WHITE PAPER BREACH, PRIVACY, AND CYBER COVERAGES: FACT AND FICTION CYBER COVERAGES

Mitigating and managing cyber risk: ten issues to consider

Brief. The BakerHostetler Data Security Incident Response Report 2015

Cyber Exposure for Credit Unions

PRIVACY BREACH MANAGEMENT POLICY

Cyber Liability. What School Districts Need to Know

Information Security Addressing Your Advanced Threats

Cyber and Data Security. Proposal form

DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Beazley presentation master

Hit ratios are still very low for Security & Privacy coverage: What are companies waiting for?

How To Implement Data Loss Prevention

Privacy Insurance. Avoiding the HMO Experience. cyber. More Differences. By Toby Merrill

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Cyber Liability & Data Breach Insurance Claims

The Evolution of Data Breaches

AB 1149 Compliance: Data Security Best Practices

Cyber-insurance: Understanding Your Risks

Cyber threat reality check GLOBAL TECHNOLOGY S RISK ADVISOR SERIES TURN RISK INTO ADVANTAGE THE THREAT IS GROWING IGNORING IT CAN BE COSTLY

YOUR TRUSTED PARTNER IN A DIGITAL AGE. A guide to Hiscox Cyber and Data Insurance

Understanding the Business Risk

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Discussion on Network Security & Privacy Liability Exposures and Insurance

Privacy / Network Security Liability Insurance Discussion. January 30, Kevin Violette RT ProExec

Cyber Threats: Exposures and Breach Costs

A Wake-Up Call? Fight Back Against Cybercrime. Prepared for: Ricky Link Managing Director, Southwest Region May 15, 2014

The Legal Pitfalls of Failing to Develop Secure Cloud Services

Mobile Medical Devices and BYOD: Latest Legal Threat for Providers

SMB Data Breach Risk Management Best Practices. By Mark Pribish February 19, 2015

Cybersecurity Workshop

CYBER SECURITY Cyber Security for Canadian Directors in the Wake of Ashley Madison

CYBER LIABILITY AND PRIVACY CRISIS MANAGEMENT EXPENSE APPLICATION

DATA BREACH RESPONSE READINESS Is Your Organization Prepared?

Cybersecurity Best Practices in Mortgage Banking. Article by Jim Deitch October 2015

HIPAA: Bigger and More Annoying

Guidance on data security breach management

ISO? ISO? ISO? LTD ISO?

Preparing for the Inevitable Data Breach: What to Do Before Sensitive Customer and Employee Data is Breached, Stolen or Compromised

4/30/2015 CYBER LIABILITY AND AVIATION AGENDA LEARNING OBJECTIVES. Presented by Hal Hunt May 3, 2015

Our specialist insurance services for Professionals risks

Law Firm Cyber Security & Compliance Risks

THE HARTFORD ASSET MANAGEMENT CHOICE sm POLICY NETWORK

Data Security Breaches: Learn more about two new regulations and how to help reduce your risks

Top Five Ways to Protect Your Network. A MainNerve Whitepaper

2014 Data Breach Industry Forecast

2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage

WHAT IS SENSITIVE INFORMATION?

Why Lawyers? Why Now?

SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS Data Breach : The Emerging Threat to Healthcare Industry

Cyber Risks in the Boardroom

I ve been breached! Now what?

Data Breaches, Identity Theft, and Employees

This procedure is associated with BCIT policy 6700, Freedom of Information and Protection of Privacy.

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal

Cyber Risks October

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. rny@crlaw.com Phone: (336)

Transcription:

Beazley Group Beazley Breach Response A data breach isn t always a disaster Mishandling it is.

A world of risk 932.7m Personal records breached in the U.S. since 2005 3 51% The proportion of breaches attributable to malware or hacking since 2005 3 2.7b Number of people in the world who are online (approximately 40% of the world s population) 1 Notes 1 International Telecommunication Union 2 Pew Research Center 3 www.privacyrights.org as of December 31, 2014 4 U.S. Dept. of Health and Human Services database as of December 31, 2014 18% Proportion of U.S. internet users who report having had personal information stolen following breaches of online privacy 2 47 The number of U.S. states that have their own regulations governing how data breaches should be handled. 1174 Healthcare data breaches affecting more than 500 personal records that have occurred since 2009. Total records breached: 40,906,929 4 Sheer carelessness With vast amounts of data storable on smaller and smaller devices, the risk of data breaches due to theft or sheer carelessness is huge. Between 2005 and 2014, portable devices carrying more than 172 million personally identifiable records were lost or stolen, according to the Privacy Rights Clearinghouse.

Not if, but when. Any business handling customer data will, sooner or later, be confronted with the challenge of a data breach. It s not a matter of if but when. The incidence of data breaches is massive. In US healthcare alone (the industry for which the most reliable statistics exist), more than 120,000 people are being notified that their data has been breached every week. 1 Healthcare providers and tens of thousands of other businesses have learned the hard way that there s no such thing as perfect cyber security. And the stakes are high. You hold personal data on trust for your customers. If they don t think your business can be trusted, the very future of your company may be at risk. A data breach is not a learning opportunity you have too much to lose to risk mishandling it. Records breached 2 Total 932.7m The case for focusing on response Many companies focus exclusively on data breach protection and fail to pay attention to what happens when the walls are breached. Firewalls, encryption and other defenses get the attention. The war is fought on IT turf. But the truly dangerous time is after you ve been breached. After a breach you re fighting to protect your reputation. It s when your customers begin to leave. A study conducted by the Economist Intelligence Unit in 2013 found that more than a third of customers of companies that had suffered a data breach no longer did business with the companies in question because of the breach. The way you manage a data breach to maintain customer trust is critical. That doesn t mean you shouldn t protect your system; it does mean you need plans for your response. And the good news is that there s a great deal you can do. Cyber-attacks are beyond your control; breach response is something you can plan for. 1 www.hhs.gov/ocr 2 www.privacyrights.org as of December 31, 2014 Hacking or malware Electronic entry by an outside party Unintended disclosure Sensitive information posted publicly on a website, mishandled or sent to the wrong party via email, fax or mail Portable device Lost, discarded or stolen laptop, PDA, smartphone, portable memory device, CD, hard drive, data tape, etc Insider Someone with legitimate access intentionally breaches information such as an employee or contractor Stationary device Lost, discarded or stolen stationary electronic device such as a computer or server not designed for mobility Payment card fraud Fraud involving debit and credit cards that is not accomplished via hacking. For example, skimming devices 51% 24% 18% 4% 1% 1% Unknown or other 1% Physical loss Lost, discarded or stolen non-electronic records, such as paper documents <0.5%

Our experience In managing a data breach, you want to make the calls. It s your reputation that s on the line. But it s also smart to have a partner who s been there before. Things happen too quickly; there s too much to learn. That s why people turn to Beazley. We pioneered the concept of data breach insurance that focuses first and foremost on response. We coordinate the IT experts and specialized lawyers to help you establish what s been compromised; assess your responsibility; and notify those you have to. In addition, we coordinate credit or identity monitoring for your customers and PR advice to help you safeguard your reputation. We also, of course, indemnify your losses from lawsuits or regulatory actions, the risk of which may be reduced by a well-coordinated breach response but can never be completely eliminated. Beazley has been at the forefront of defending clients in the developing and evolving legal arena of privacy class actions and regulatory investigations arising from data breaches. Beazley invented this comprehensive approach. We do more of it than anybody else. To date we have helped more than 2,000 clients manage data breaches swiftly and successfully. We can t guarantee your cyber security: no one can. But we can put you in control of your response. In March 2012, data cartridges containing 800,000 social security records were lost in transit to a storage depot. It was by no means an isolated incident. BBR Services a dedicated team of experts Beazley is unique among insurers in having a dedicated business unit, BBR Services, that focuses exclusively on helping clients manage data breaches successfully. A thicket of state and federal regulations governs how and when customers must be notified after a breach has occurred, and the risk of reputational damage from a mishandled breach is high. Our BBR Services team focuses on the coordination of the expert forensic, legal, notification and credit monitoring services that clients need to satisfy all legal requirements and maintain customer confidence. In addition to coordinating data breach response, BBR Services is responsible for maintaining and developing Beazley s suite of risk management services, designed to minimize the risk of a data breach occurring.

Thousands of hospital patients require notification after paper records containing personal financial data including credit card details are found blowing through a field several miles from the hospital. Beazley Breach Response A comprehensive service Beazley Breach Response is a unique insurance, loss control and risk mitigation service that provides a comprehensive service to notify and protect the customers of policyholders that have suffered a data breach. Coverage includes: Response to breach events: Notification services for up to five million affected individuals including foreign notification where applicable Call center services Breach resolution and mitigation services Public relations and crisis management expenses Third party liability, including coverage for regulatory actions and payment card industry (PCI) coverage for credit card breaches Assistance at every stage of the investigation of, and response to, a data breach incident from Beazley s in-house BBR Services team of data privacy attorneys and technical experts Initial breach investigation and consulting: Legal services Computer forensic services Complimentary loss control and risk management information including online resources and value-added educational webinars

Beazley Group Plantation Place South 60 Great Tower Street London EC3R 5AD United Kingdom T +44 (0)20 7667 0623 F +44 (0)20 7674 7100 Beazley Group 30 Batterson Park Road Farmington, CT 06032 USA T +1 (860) 677 3700 F +1 (860) 679 0247 Beazley Insurance Services 101 California Street Suite 1850 San Francisco, CA 94111 USA CA Lic. #OG55497 T +1 (415) 263 4040 F +1 (415) 263 4099 Visit our dedicated microsite www.beazley.com/bbr Follow us twitter.com/breachsolutions The descriptions contained in this communication are for preliminary informational purposes only. The product is available on an admitted basis in some but not all US jurisdictions through Beazley Insurance Company, Inc., and is available on a surplus lines basis through licensed surplus lines brokers underwritten by Beazley syndicates at Lloyd s. The exact coverage afforded by the product described herein is subject to and governed by the terms and conditions of each policy issued. The publication and delivery of the information contained herein is not intended as a solicitation for the purchase of insurance on any US risk. Beazley USA Services, Inc. is licensed and regulated by insurance regulatory authorities in the respective states of the US and transacts business in the State of California as Beazley Insurance Services (License#: 0G55497). CBSL330_US_02/15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information