Cyber/ Network Security. FINEX Global



Similar documents
CYBER/ NETWORK SECURITY

CYBER RISK SECURITY, NETWORK & PRIVACY

How To Cover A Data Breach In The European Market

Data breach, cyber and privacy risks. Brian Wright Lloyd Wright Consultants Ltd

RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION

Cyber and Data Security. Proposal form

NZI LIABILITY CYBER. Are you protected?

Mitigating and managing cyber risk: ten issues to consider

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

CyberEdge. Desired Coverages. Application Form. Covers Required. Financial Information. Company or Trading Name: Address: Post Code: Telephone:

APIP - Cyber Liability Insurance Coverages, Limits, and FAQ

Cyber Insurance Presentation

Airmic Review of Recent Developments in the Cyber Insurance Market. & commentary on the increased availability of cyber insurance products GUIDE

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

Cyber-Crime Protection

Insurance implications for Cyber Threats

Managing Cyber Risk through Insurance

Demystifying Cyber Insurance. Jamie Monck-Mason & Andrew Hill. Introduction. What is cyber? Nomenclature

CYBER & PRIVACY INSURANCE FOR FINANCIAL INSTITUTIONS

Internet Gaming: The New Face of Cyber Liability. Presented by John M. Link, CPCU Cottingham & Butler

Data Breach and Senior Living Communities May 29, 2015

Cyber Liability Insurance Data Security, Privacy and Multimedia Protection

Cyber Risks Management. Nikos Georgopoulos, MBA, cyrm Cyber Risks Advisor

Our specialist insurance services for Professionals risks

WILLIS RETAIL PRACTICE REDUCING THE COST OF RISK

THE ANATOMY OF A CYBER POLICY. Jamie Monck-Mason & Andrew Hill

Information and Communication Technology, Cyber and Data Security

Cyber Risks and Insurance Solutions Malaysia, November 2013

Cyber and data Policy wording

Cyber Risks in Italian market

Privacy Liability & Data Breach Management Nikos Georgopoulos Cyber Risks Advisor cyrm October 2014

Cybercrime: risks, penalties and prevention

Cyber Risk Insurance for Agents. Frequently Asked Questions

Managing Cyber Threats Risk Management & Insurance Solutions. Presented by: Douglas R. Jones, CPCU, ARM Senior Vice President & Principal

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

Architects and Engineers Professional Liability Insurance Summary

Cyber Insurance as one element of the Cyber risk management strategy

Cyber Threats and the Insurance Response

2015 PIAA Corporate Counsel Workshop October 22 23, 2015 Considerations in Cyber Liability Coverage

Navigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh

Embracing Cyber Risk: Insurance Solutions

Understanding the Business Risk

HCC International Information and Communication Technology

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

MANAGING EMPLOYEE RISKS

Cyber Insurance: How to Investigate the Right Coverage for Your Company

Rogers Insurance Client Presentation

CYBER RISK INSURANCE. Presented By: Jonathan Healy

Joe A. Ramirez Catherine Crane

Construction Consultants Professional Liability Insurance Summary

CYBER INSURANCE. Cyber Insurance and Gaps in Traditional Insurance. Cyber and E&O Team Willis FINEX North America

Small businesses: What you need to know about cyber security

cyber invasions cyber risk insurance AFP Exchange

Zurich Security And Privacy Protection Policy Application

Enterprise PrivaProtector 9.0

Surveyors Professional Liability Insurance Summary

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

Making Sense of Cyber Insurance: A Guide for SMEs

IRONSHORE SPECIALTY INSURANCE COMPANY 75 Federal St. Boston, MA Toll Free: (877) IRON411

Best practices and insight to protect your firm today against tomorrow s cybersecurity breach

Allianz Global Corporate & Specialty. Cyber Risks. Recent Trends. AIRMIC 15 th June 2015

Insuring Innovation. CyberFirst Coverage for Technology Companies

Managing Cyber & Privacy Risks

CGI Cyber Risk Advisory and Management Services for Insurers

Specialist Miscellaneous Professions (Legal Liability) Professional Liability Insurance Summary

Privacy and Data Breach Protection Modular application form

Media Liability Insurance

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

DATA BREACH BREAK DOWN LESSONS LEARNED FROM TARGET

Cyber Threats: Exposures and Breach Costs

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

ISO? ISO? ISO? LTD ISO?

Small businesses: What you need to know about cyber security

Network Security & Privacy Landscape

Cyberinsurance: Insuring for Data Breach Risk

Cyber Liability Insurance

Transcription:

Cyber/ Network Security FINEX Global

ABOUT US >> We are one of the largest insurance brokers in the world >> We have over 180 years of history and experience in insurance; we currently operate in over 400 offices in nearly 120 countries, with a global team of approximately 17,000 Associates serving clients in some 190 countries >> USD 32.2 billion of global premiums placed through worldwide markets SUBSIDIARY AFFILIATE CORRESPONDENT Any company that stores personal data, are reliant on computer or telephone networks, digital information or the internet faces cyber exposures

What are cyber risks? Today, using computers and logging on to public and private networks has become second nature in both our personal and business lives. We are all constantly producing and saving data, surfing the net, uploading content and sending and receiving email traffic. It is difficult to recall how we were ever able to manage without such technologies and the benefits they bring. However, in creating this new digital world we have also created a by-product Cyber risks. Cyber risks are faced not just by e-commerce companies and those undertaking transactions over the internet, but also by companies that store personal data, are reliant on computer or telephone networks, holds digital information or uses the internet can face these exposures. In short, just about every business in the world today is faced with Cyber risks, some of the core Cyber exposures include: >> Privacy Breach Anyone that stores Personal Identifiable Information (PII) is exposed to data breaches. Data breaches may occur from a hack, a disgruntled employee or even a lost laptop. In the UK the costs a company face as a result of one compromised record is approximately GBP 70 large scale breaches can therefore be very costly indeed. >> Network Downtime Most companies are reliant on networks, whether it s the network that interconnects various company sites, enterprise private networks or the critical backbone network that deals with network performance management and network congestion. Network downtime can be caused not just by malicious hacks such as a Denial of Service (DoS) attack, but also by operational failures involving software and hardware failures, both of which can have a significant financial impact on a business. >> MULTIMEDIA RISKS Social media is now a key marketing strategy utilised by companies. However User Generated Content (UGC) and the posting of unlicensed content has caused a dramatic increase in online defamation claims and intellectual property infringement claims. The use of such sites requires additional infrastructure and maintenance resources, to ensure the appropriate defensive layers are in place to protect the company. Monitoring of chat rooms is not always possible and reliance on self regulation by the audience is a dangerous strategy. Also, pre-screening is not possible on Facebook and Twitter and the minimum fallback must be relevant staff training. >> Cyber extortion Cyber extortion is a crime involving an attack, or threat of attack, against a company, coupled with a demand for money to stop the attack. There are various types of Cyber extortion but originally DoS attacks were the most common method. More recently Cyber criminals have developed actual ransomware that can be used to encrypt the targets data. The attacker then demands money for the decryption key. The probability of prosecuting the criminals is low because criminal gangs usually operate from countries other than those of their target. Cyber extortion is big business and with criminals earning millions of pounds annually the majority of Cyber extortion episodes go unreported because victims do not want the publicity.

THE DATA BREACH PHENOMENA By far, the most well known Cyber risk and the most common cause of Cyber risk claims notified to Willis FINEX Global practice group and the insurance market presently is a privacy/data breach. How the breach occurs can come in a variety of ways from hacking to lost laptops. Common to all breaches is the significant quantum of the costs suffered by the breached company to deal with the data theft/loss. Increasing data protection legislation, the growth of the underground digital economy and new technology such as cloud computing and social media has seen the number of data breaches significantly increase year on year. Some of the largest breaches that have occurred have cost companies upwards of GBP 100m. Costs as a result of a data breach can include: >> FORENSIC COSTS Immediately after a breach it will be necessary to carry out forensic analysis and investigations to identify and contain the breach. It may also be necessary to undertake an official forensic audit by approved auditors of the relevant data protection authority. Some of the largest breaches that have occurred have cost companies upwards of GBP 100m >> Notification In the event there is a data breach customers affected by the breach will need to be notified. This is mandatory in the US, Spain, Germany, Austria and Norway however it is considered good practice by the Information Commissioner s Office (ICO) here in the UK. Notifying customers will also ensure that consumer churn is kept to a minimum. >> Credit monitoring Another service provided by companies to their customers after a security breach is credit monitoring. This is a service provided by a third party to monitor the affected individual s credit history for fraudulent activity. It may be offered for up to 5 years post breach. >> PR Costs In the event of a major security breach it is necessary to employ PR expertise in order to try and reduce the reputational impact to a company. >> Crisis Management Costs Other miscellaneous costs including setting up of third party call centres for affected customers. >> Fines and penalties Regulatory fines and penalties plus Payment Card Industry (PCI) fines where credit card information is involved. >> LIABILITIES Companies may incur liability claims for damages from banks if financial data has been taken from the individuals themselves for any costs they have incurred as a result of the breach such as time off work, and from any other third parties that may have suffered a financial loss from the breach.

CYBER INCIDENTS/ CLAIMS SCENARIOS The table below looks at some of the most common types of Cyber claims and highlights the associated costs that companies could face as a result: Industry Scenario type of COSTS INCURRED Cover Retail A hacker accessed the retailer s network and stole 15 million customers PII. The retailer incurred significant costs to deal with the breach including forensic costs, notification costs, PCI fines and credit monitoring costs. Liability claims followed. Privacy/Network Security Liability/ Privacy event mitigation costs, PCI fines. Hotel A hotel group s point of sale network was hacked into and 6 million customer s credit card details were taken. The hotel experienced high forensic costs to isolate the hack. Additional costs included mandatory notification costs and PCI fines. The hotel offered all of the individuals 2 years credit monitoring service. They also received liability claims for damages from the banks. Privacy/Network Security Liability/ Privacy event mitigation costs, PCI fines. Airline An airline received a Distributed Denial of Service (DDoS) attack bringing down their online sales platform for 48 hours. The airline experienced a significant loss of revenue during the network downtime plus increased costs of working. Non-physical business interruption. Media The media company utilised content on their website without obtaining the appropriate licences. They were successfully sued for over GBP 1m for copyright infringement. Multimedia Liability. Financial Services An employee of a financial services company left a laptop in a public place containing the PII of its clients. Costs included the hire of a PR firm, notification to all of the customers affected, setup of an ID theft/credit alert service call centre and credit monitoring services. Privacy/Network Security Liability/ Privacy event mitigation costs. Gaming A hacker threatened to take down the private network of the gaming company unless they paid them GBP 5m. Investigation costs to identify the threat plus the extortion demand amount. Cyber Extortion.

FINEX Global CYBER COVER Willis FINEX Global, in conjunction with key Cyber markets has developed a market leading Cyber Insurance solution: >> Privacy protection 1. Third party and employee privacy liability for damages and claims expenses as a result of a privacy breach. 2. Privacy regulatory defence and penalties. 3. Notification expenses to notify victims of privacy breaches. 4. Forensic costs to contain a breach and carry out the necessary forensic audits following a breach. 5. PR expenses to help limit the reputation impact following a security breach. 6. Credit monitoring costs to monitor the victims credit history for fraudulent activity. 7. Payment Card Industry (PCI) fines. 8. Reputational risk extension as a result of a data breach (case by case basis). PLUS other Cyber liability coverages including: 9. Network Security Liability for damages and claims expenses the insured is legally obligated to pay, arising out of computer attacks caused by failures of security. 10. Negligent transmission of a virus: for damages to customers computer systems and/or data. 11. Multimedia Liability, Intellectual Property Infringement and libel and slander due to email or website content. >> Loss of Digital Assets including non-physical business interruption 1. Data/electronic information loss: The costs to restore data that has been lost or corrupted. 2. Indemnification for loss of revenue following unplanned system outage and increased cost of working. 3. Cyber extortion coverage: Covers both the costs of investigation and the extortion demand amount related to a threat to commit a computer attack. 4. Cyber terrorism coverage (case by case). Typically this will act as the template coverage. After a period of consultation, our e-solution experts will further develop and tailor the coverages so that it is aligned with your business specific risk profile.

WHY FINEX Global Cyber PRACTICE? >> Specialist knowledge With our specialised knowledge in the sector we are able to design innovative programmes that specifically reflect the needs of our Cyber clients. For our clients the benefits are simple expert advice ensuring the ultimate in cost-effective programme design. >> A consultative approach We fully analyse your Cyber exposures before proposing the most appropriate Cyber risk transfer solutions for your business. >> Exclusive wordings Our Cyber Practice has its own exclusive wording that we have designed in conjunction with key Cyber insurers. The breadth of coverage goes way beyond the off the shelf products typically offered. >> Claims Handling We have been in the Cyber market for over 10 years and our claims team have developed insightful experience in how best to deal with your Cyber claim to ensure it gets paid. >> Cyber RISK MANAGEMENT We can establish your Cyber risk profile utilising Cyber assessment tools. This will allow you to take the appropriate actions to better protect your company s computer network resource and information assets in order to mitigate potential network risks. >> MARKET LEVERAGE Willis has excellent market leverage due to the significant amount of premium that our Cyber Practice places into the market. >> Marketing approach The same team that analyses your risks and develops a protection strategy approaches markets on your behalf. >> The Willis One Flag approach Willis expertise in all our offices around the world is available to you essential for international companies who need to comply with the various international data protection laws. >> Cyber Risks Information updates Our clients are kept up-to-date with the latest Cyber trends via the Cyber e-newsletter, seminars and workshops. If you are concerned about your businesses Cyber risks contact us and arrange an initial consultation to start mapping out your risks: Jeremy Smith +44 (0)20 3124 6086 jeremy.smith@willis.com

Willis Limited The Willis Building 51 Lime Street London, EC3M 7DQ United Kingdom Tel: +44 (0)20 3124 6000 www.willis.com Jeremy Smith +44 (0)20 3124 6086 jeremy.smith@willis.com Willis Limited, Registered number: 181116 England and Wales. Registered address: 51 Lime Street, London, EC3M 7DQ. A Lloyd s Broker. Authorised and regulated by the Financial Services Authority. 9895/09/11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information