CGI Cyber Risk Advisory and Management Services for Insurers

Similar documents
Mitigating and managing cyber risk: ten issues to consider

THE NEW REALITY OF RISK CYBER RISK: TRENDS AND SOLUTIONS

CGI in Insurance. Preparing for Tomorrow, Today

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber security Building confidence in your digital future

Cyberprivacy and Cybersecurity for Health Data

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

Law Firm Cyber Security & Compliance Risks

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Insurance Considerations Related to Data Security and Breach in Outsourcing Agreements

How To Deal With A Converged Threat From A Cloud And Mobile Device To A Business Or A Customer'S Computer Or Network To A Cloud Device

Cyber/ Network Security. FINEX Global

The promise and pitfalls of cyber insurance January 2016

Breaking down silos of protection: An integrated approach to managing application security

NNIT Cybersecurity. A new threat landscape requires a new approach

External Supplier Control Requirements

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age

Cybersecurity and internal audit. August 15, 2014

Cyber Risk Management

Cyber Security - What Would a Breach Really Mean for your Business?

Cisco Remote Management Services for Financial Services

Enterprise Security Tactical Plan

Log Management How to Develop the Right Strategy for Business and Compliance. Log Management

GALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

CGI Payments360. Moving money with greater agility and confidence. Experience the commitment

Payment Card Industry Data Security Standard

CGI s Global Infrastructure Services Bringing our best to your table

Who s next after TalkTalk?

Protecting against cyber threats and security breaches

Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform

Applying machine learning techniques to achieve resilient, accurate, high-speed malware detection

Cyber Liability Insurance

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Industrial Cyber Security Risk

McAfee Security Architectures for the Public Sector

CYBER RISK SECURITY, NETWORK & PRIVACY

Data breach! cyber and privacy risks. Brian Wright Michael Guidry Lloyd Guidry LLC

The Importance of Cybersecurity Monitoring for Utilities

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Managing cyber risks with insurance

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Ten Questions Your Board Should be asking about Cyber Security. Eric M. Wright, Shareholder

IBM Security QRadar Risk Manager

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Comprehensive real-time protection against Advanced Threats and data theft

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Understanding the Business Risk

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

State of Security Survey GLOBAL FINDINGS

MANAGING Cybersecurity Risk AND DISCLOSURE OBLIGATIONS

Rogers Insurance Client Presentation

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

The Protection Mission a constant endeavor

Cisco Security Optimization Service

Cybersecurity Delivering Confidence in the Cyber Domain

What Data? I m A Trucking Company!

ALERT LOGIC FOR HIPAA COMPLIANCE

Security. Security consulting and Integration: Definition and Deliverables. Introduction

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

Cyber Insurance as one element of the Cyber risk management strategy

Exercising Your Enterprise Cyber Response Crisis Management Capabilities

O N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y

integrating cutting-edge security technologies the case for SIEM & PAM

Italy. EY s Global Information Security Survey 2013

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

Cyber Liability & Data Breach Insurance Claims

Cyber Risks in Italian market

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Cisco Security Intelligence Operations

Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Seven Things To Consider When Evaluating Privileged Account Security Solutions

CESG Certification of Cyber Security Training Courses

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

Current IBAT Endorsed Services

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Advanced Threat Protection with Dell SecureWorks Security Services

REVOLUTIONIZING ADVANCED THREAT PROTECTION

BT Assure Threat Intelligence

Cyber Risks and Insurance Solutions Malaysia, November 2013

Transcription:

CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks

cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their cyber risks and liability. A recent Trend Micro report predicts that targeted attack campaigns will continue to burgeon in 2015 1. The failure to anticipate and manage cyber risks can result in significant financial loss, reputational harm and/or legal damages through fines or lawsuits. The need for identifying and minimizing cyber risks has never been greater. Addressing cyber threats Cyber threats come in many forms from external hackers bent on disrupting, damaging or stealing to well-intentioned employees unknowingly exposing personal or sensitive client information. Each organization must understand its own unique vulnerabilities. Recent high-profile attacks on retailers, banks and manufacturers underscore this point. There are likely many more unreported incidences kept confidential because of the negative impact of disclosure on reputation. In other cases, many organizations may not even know they ve been breached. Organizations need effective policy, process and technology measures to protect against threats, and many are turning to IT security partners for managed security services for their protection. Increasingly, organizations are also relying on their insurers for new or extended cyber insurance products and services. Indeed, governments are relying on insurers to proactively help mitigate the growing exposure to cyber risk due to the high threat and national impact of cyber breaches. Growing demand for cyber insurance Cyber insurance can come in a variety of forms, insuring companies for a wide range of risks, from reputational damage to theft of intellectual property. Some carriers also offer liability protection, including first party, third party, worldwide, business interruption, and network and information security protection, as well as security breach services, remediation and managed security services. According to reports by Experian and Betterly Risk Consultants, only 31% of U.S. companies had cyber insurance policies in 2014, and the number of policies is significantly less in other countries. However, some of the largest cyber insurance providers are experiencing significant annual growth in demand and a substantial increase in direct written premiums (by as much as 30%). Cyber insurance is still an emerging market, with significant variation in coverages and premiums from insurer to insurer. At the heart of this variation are differences among insurers in their ability to accurately assess policyholders cyber risks and to respond appropriately to claims. 1 Trend Micro: Security Predictions for 2015 and Beyond.

cgi.com 4 Recent explosive growth in premiums for cyber risks Total premium - compound growth rate 2009-2013 Cyber Risks 38.0% Political Risks 20.0% Financial Risks 16.0% Product Contamination 13.0% Aviation Liability 0.0% 5.0% 10.0% 15.0% 20.0% 25.0% 30.0% 35.0% 40.0% Data Source: Global Risk Insight Platform (GRIP) % Growth Rate Partnering with cybersecurity experts Throughout the history of insurance, carriers have relied on third party experts to help them understand the risks associated with insuring something. From ships to boilers and other machinery to vehicles and residential and commercial property, insurers work with qualified inspectors to perform site visits and assessments both prior to and during a policy s effective period. Insurers also tap into third party data to augment their understanding of risk. It s fundamentally a matter of core competencies: insurers are in the business of pricing and underwriting risk while relying on external suppliers to deliver the data they need to do so effectively. Some insurers likewise rely on external suppliers at the service end of the value chain. CGI s global cybersecurity practice, borne out of our deep experience in security services for commercial, government and defence clients, provides a broad portfolio of cyber services to organizations in all industries. Consulting and Assessment Services Managed Security Services Incident Response and Investigative Services Assess risk, prioritize needs and establish clear action plans for mitigation Effectively manage risk in a cost effective manner while enabling speedy access to advanced levels of protection Minimize the cost and business impact of incidents and manage regulatory obligations While these services can protect insurance organizations themselves from cyber threats, insurers are increasingly partnering with us to help manage the cyber risks of their policy holders.

cgi.com 5 Consulting and risk assessment services Our consulting and risk assessment services help insurers identify, assess and score the risks they are thinking of underwriting. These services include: Cyber risk self-assessment tool from CGI and Oceanwide, a leading cloud-based core insurance systems software company Pre-defined bronze, silver and gold cyber risk assessment consulting services packages that are tuned to the size of the potential policyholder Managed Security Services during the effective dates of the cyber insurance policy Cyber risk education training for insurers and policyholders Security policy and program development Averaging 20 years of security experience, CGI s 1,400 security professionals offer extensive strategic and technical cybersecurity expertise, as well as deep industry knowledge, to ensure accurate risk analysis and superior recommendations.

cgi.com 6 Managed security services We offer a variety of managed security solutions to cost-effectively reduce cyber risks on an ongoing basis. These solutions can be applied to your policyholders to reduce risks, set premiums and maximize underwriting profitability. Our managed security services include: Firewalls Intrusion detection/prevention Endpoint services (including anti-virus and malware) Log management, security information and event monitoring Continuous vulnerability Web content filtering Advanced malware detection 24x7 monitoring CGI s expansive managed security services are delivered through nine global security operations centers. Each service can be adapted to meet a client s unique business and security requirements because we understand that one size rarely fits all.

cgi.com 7 Incident response and investigation services Our cyber breach resolution team provides comprehensive incident response and investigation services for insurers, including: Incident assessment and response coordination Threats & Vulnerability Analysis Risk Assessment Containment Collection of evidence for analysis and potential litigation Detailed malicious software analysis Network traffic capture and analysis Digital forensic analysis of endpoint storage and memory Root cause analysis Remediation of vulnerabilities Clients are immediately connected with the team as soon as a potential security breach is suspected. They also have access to a CGI-supported hotline for assistance in identifying potential breaches. Managed Security Services Incident Detection & Response Operate & Maintain IA Controls Certification & Accreditation Security Requirements Analysis CGI Cybersecurity Implement Defensive Solutions Design & Develop Protective Measures Compliance & Training Plans, Policies, Procedures Integration & Testing Rapid support when needed the most We provide local security support backed by the capabilities of a global security team Our cyber breach resolution team has 15+ years of experience in responding to and addressing security breaches We respond quickly and effectively in identifying and managing suspected and actual security breaches

cgi.com 8

cgi.com 9 Cyber insurance market snapshot Average cost of a data breach is $3.7m 3 $$$$$$$$ $$$$$$$$ $$$$$$$$ $$$$$$$$ $$$$$$$$ 38% of UK organisations have suffered data breaches or significant systems failures in the last 12 months 2 European market is $150m, growing at 50-100% 1 Globally, 1/3 rd of organizations have cyber insurance 3 On average 41% due to malicious attack, 29% due to system glitch,30% due to human error 3 Average size of data breach in United States: 29,087 records 3 Average cost paid for each lost/stolen record $158 3 1. Marsh Cyber Risk Survey 2014 2. AON Global Risk Insight Platform 2014 3. Ponemon Costs of Data Breach Study 2014

cgi.com 10 CGI in insurance CGI is the partner of choice for P&C and Life insurers, brokers and agents across the globe, including 12 of the top 20 global insurers and 200+ clients worldwide. Our 3,500 insurance professionals deliver end-to-end services and solutions that drive results - from product strategy and management, to data analytics and cyber insurance, to core systems integration. Our 35+ years of insurance experience includes policy, claims and billing implementations across the globe, the development of innovative solutions such as CGI Ratabase, the industry s leading rating and product configuration software, and the annual processing of more than 15 million transactions and $50 billion in premiums. We re also a systems integrator for the world s leading core insurance software solutions. CGI in cybersecurity At CGI, security is part of everything we do. We help clients manage complex security needs - from audit and compliance to policy and architecture - with a business-focused approach. We work with leading corporations across the commercial sectors and governments in the U.S., Canada, across Europe and beyond. For nearly four decades, CGI has helped clients manage complex security issues with a business-focused approach. We understand security from all angles - technology, business and legal - and have a 360 degree view of global and local threats in both the public and private sectors. Through our end-to-end security services and large pool of industrycertified, accredited and security cleared experts, we protect more than 150 clients in 16 countries across all industries. Our managed security services are delivered through state-of-the-art facilities, including a world-class innovation lab and three accredited security certification facilities, one in the U.S., one in the U.K. and one in Canada. We also operate nine global Security Operations Centers that provide 24/7 monitoring and a proactive view of security risks. Through these centers, we protect clients from more than 550 million cyber incidents every month. About Oceanwide Since 1996, Oceanwide has been delivering SaaS core processing solutions to property and casualty insurers of all sizes across the globe. Our configurable insurance software solutions enable insurers to react to market changes, configure and manage their products with increased speed and lower costs for any line of business, virtually eliminating professional service fees. Designed from the ground up to be web enabled and fully configurable by end-users without any coding, programming or scripting, our solutions automate policy, billing, claims, underwriting, document management, agent/ consumer portals and more for insurers, MGAs, and brokers. For additional information visit the Oceanwide website at www.oceanwide.com or call (888) 289-7744.

cgi.com 11

Founded in 1976, CGI is a global IT and business process services provider delivering high-quality business consulting, systems integration and managed services. With 68,000 professionals in 40 countries, CGI has an industry-leading track record of delivering 95% of projects ontime and on-budget, aligning our teams with clients business strategies to achieve top-to-bottom line results. To learn more about our insurance capabilities and our cybersecurity work, visit cgi.com/cybersecurity or contact us at insurance@cgi.com.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information