Presentation is loading. Please wait.

Presentation is loading. Please wait.

Page 1 Recording of this session via any media type is strictly prohibited. Page 1 Technology Media Communications Industry Session Introductions for Networking.

Similar presentations


Presentation on theme: "Page 1 Recording of this session via any media type is strictly prohibited. Page 1 Technology Media Communications Industry Session Introductions for Networking."— Presentation transcript:

1 Page 1 Recording of this session via any media type is strictly prohibited. Page 1 Technology Media Communications Industry Session Introductions for Networking Discussion: Deciphering the E&O/Cyber Policy Download slides and handouts at Or use the RIMS 2014 App (Session # IND021)

2 Page 2 Recording of this session via any media type is strictly prohibited. What to Expect Today 1. Networking & Optional Exchange of Contact Information 2. Trends & Implications 3.Group Challenge 4.Cyber Coverage Terms 5. Where is the E&O/Cyber Policy today 6.Proactive Measures to Manage Risk 7.RIMS 2015 – Topics for next Tech/Media/Comm Session Takeaways:  Glossary of E&O/Cyber coverage terms  Sample Provision Wording

3 Page 3 Recording of this session via any media type is strictly prohibited. Introductions for Networking – Speakers Tim Burke – Marsh FINPRO West Zone Practice Leader - Commercial Errors & Omissions Holly Daley – Willis San Francisco, Tech Media Telecom Practice Former Risk Manager: Hitachi Data Systems, PG&E, Park Lane Hotels Lora Figgat – NetApp, Risk Manager, Sunnyvale Former Risk Manager: Symantec Corporation Bert Wells – Partner, Covington & Burling LLP, New York Policyholder-Side Attorney – Insurance Recovery – Transactional Matters – Policy Enhancements

4 Page 4 Recording of this session via any media type is strictly prohibited. Introductions for Networking – Participants Your Name / Company / Location Download slides and handouts at Or use the RIMS 2014 App (Session # IND021)

5 Page 5 Recording of this session via any media type is strictly prohibited. Macro Trends High profile data breaches Increasing centrality of privacy & IT security Regulatory scrutiny & evolving legal landscape Supply chain risk

6 Page 6 Recording of this session via any media type is strictly prohibited. The Compliance Scramble Mismatch Implications Vendor scrutiny Contractual risk transfer Indemnification Insurance requirements

7 Page 7 Recording of this session via any media type is strictly prohibited. E&O/Cyber: Additional Insured Status a. You as Customer perspective Why you require AI status from your customers/partners When your customer/partner will not meet your requirement b. You as Vendor perspective ● Why your customer requires AI status of you as their vendor/partner ● As a vendor, should you provide AI status to customers/partners c. Additional insured endorsements

8 Page 8 Recording of this session via any media type is strictly prohibited. Where Is the E&O/Cyber Policy Today?  Standardization - ISO, markets  E&O blend vs. stand-alone  Prior acts - average discovery lag 253-days  Menu of coverage pieces available: typically offered by special request

9 Page 9 Recording of this session via any media type is strictly prohibited. Deciphering the E&O/Cyber Policy Network Security & Multimedia Liability Cyber Security Liability Computer Security Insurance Network & Information Liability Commerce or Internet Security Insurance Privacy & Network Security Liability Intellectual Property Insurance Internet Security Liability Privacy and Security Insurance Cyber & Crime Liability Data Insurance

10 Page 10 Recording of this session via any media type is strictly prohibited. Cyber Insurance Overview Common Insuring Agreements Insuring AgreementISODescription Third Party Liability Network Security LiabilitySecurity Breach LiabilityNetwork security failure Privacy LiabilityProgramming Errors and Omissions LiabilityFailure to safeguard confidential information Media LiabilityWebsite Publishing Liability or Media Liability Advertising & Personal Injury First Party Privacy Expenses Breach Response CostsSecurity Breach ExpenseFirst party expenses to manage data breach Privacy Regulatory ActionsNot availableDefense costs, fines & penalties First Party Network Interruption Business InterruptionNot availableLoss of net income from network down time Dependent Business InterruptionNot available Vendor downtime Data RestorationReplacement or Restoration of Electronic DataCosts to replace damages information assets

11 Page 11 Recording of this session via any media type is strictly prohibited. Deciphering the E&O/Cyber Policy – Glossary Glossary of cyber insurance terms

12 Page 12 Recording of this session via any media type is strictly prohibited. Role Play: What will you do differently next time? Let’s open dialogue within the group this morning. Chime Your CEO just sent you an … To open: Please turn your chairs into groups of 8-10.

13 Page 13 Recording of this session via any media type is strictly prohibited. Role Play: What will you do differently next time? Congratulations on your brand new job in the Risk Management Department of A RROW S TORES Following a highly-publicized data breach resulting in a 40% sales decline – and attributable to a vendor’s security lapse – your CEO asks your Risk Management team to get the company back on track. Here is your new Please join me for lunch today in my office at high noon. I would like hear from your team: Hindsight – Two steps or protocols Arrow could have implemented to avoid this mess. Lessons Learned – Two steps or protocols you propose we start developing this afternoon. P ERRY N. A RROW CEO A RROW S TORES, I NC.

14 Page 14 Recording of this session via any media type is strictly prohibited. Risk Management – Best Practices Create Tools to manage contract requirements  Provision Templates  Playbook  Escalate to RM as advised (per SOW, regions, fallback/fallforward) Distribute to stakeholders  Post on RM site  Training and partnering: Legal, Procurement, Sales, Finance Develop response protocols  Incident reporting directions (coverage assessment)  Breach response plan: spokesperson, notification process, legal team identified  Breach tabletop exercise

15 Page 15 Recording of this session via any media type is strictly prohibited. Playbook– Prepared Responses to Your Customers’ Requirements & Requests (Hypothetical Example Below) RequestYour Policy CoverageLimitRisk Tolerance Carve out to limitation of liability for data security to allow for unlimited liability Security & Privacy liability $20MSubject to approval, up to $20M

16 Page 16 Recording of this session via any media type is strictly prohibited. Sample Contract Provision for Cyber Insurance Vendor shall procure and maintain the following insurance: Errors and Omissions Liability Insurance to cover loss arising from errors and omissions in the performance of all Services hereunder, including loss arising from destruction of data, in an amount of at least [$_______] per occurrence. Cyber-Risk, Network Security, or other coverage (regardless of name) to cover the first-party losses and liability of Customer arising from breaches of security of data or computer networks of Vendor or Customer due to Vendor’s acts, errors and omissions, including such losses arising from [specific events or causes]; in an amount of at least [$_______] per occurrence. [Other types and amounts of coverage as may be required.] Each such liability policy shall name Customer as an Additional Insured for such liability of the Customer, and each such first-party policy shall name Customer as a Loss Payee. Such insurance shall be worldwide; primary and non-contributing with respect to any insurance or self-insurance of Customer, subject to the reasonable advance approval of Customer and issued by insurers having ratings reasonably satisfactory to Customer.

17 Page 17 Recording of this session via any media type is strictly prohibited. Actionable Points & Issues To share with your brokers, insurers, legal teams Review coverage wordings Bring key IT personnel to underwriting meetings Discuss the reality of claims process

18 Page 18 Recording of this session via any media type is strictly prohibited. Wrap Up and Q&A Q&A

19 Page 19 Recording of this session via any media type is strictly prohibited. Our Next Session: RIMS 2015 in New Orleans Brainstorm Topic ideas for our next Tech Media Communications Industry Session Thank you


Download ppt "Page 1 Recording of this session via any media type is strictly prohibited. Page 1 Technology Media Communications Industry Session Introductions for Networking."

Similar presentations


Ads by Google