Overview of Cybercrime

Slides:

Advertisements

Similar presentations

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Travelers CyberRisk for Insurance Companies

©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Overview of Identity Theft, Data Breaches and Cyber/Privacy Liability Insurance October 6, 2009.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.

Recent Trends and Insurance Considerations March 2015

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.

BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.

Understanding Privacy Breach Risk: Ontario Universities Risk Management Symposium Presented by Brian Rosenbaum LL.B. Director, Legal and Research Practice.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.

Leadership, Knowledge, Solutions…Worldwide. Privacy & Data Security Understanding Identity theft The art of managing a crisis Jim Leonard – Marsh FINPRO.

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate February 2011.

AUGUST 25, 2015 Cyber Insurance:

Part 6 – Special Legal Rights and Relationships Chapter 35 – Privacy Law Prepared by Michael Bozzo, Mohawk College © 2015 McGraw-Hill Ryerson Limited 34-1.

Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

CYBER INSURANCE Luxury or necessary protection?. What is a data breach? A breach is defined as an event in which an individual’s name plus personal information.

Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,

Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.

Cyber-insurance coverage: do you have it? Robert E. Sumner, IV, Esq. and Tosh Siao of Willis Group September 17, 2015.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Carlsmith Ball LLP Cyber Issues For Lawyers Deborah Bjes October 22 nd, 2015.

1 CONFIDENTIAL ©2015 AIR WORLDWIDE New Approaches for Managing Cyber Risk.

Friday, October 23, Jacqueline Harris, CPM®, CCIM® Director of Training & Administration Digital Realty Jacqueline Harris, CPM®, CCIM® Director.

Have the Time? Steps to Deal with Cybercrime HFTP Annual Conference Bellevue, Washington October 23, 2015 Presented by: John D. Daum, CPA Scott Perry (Just.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Network Security & Privacy Discussion Colorado Community Health Network April 14, 2014 Presented by: Kevin Keilbach – Client Executive – Health Care Jeff.

Restaurant 1. 2 There are several different types of restaurant classifications, including: Family Style Fine Dining Fast Food Buffet.

The Pitfalls of the Small Business Owner Protect Your Assets!

NCBFAA Annual Conference 2015 Orlando Converging Logistics: Realities vs. Possibilities Cyber Insurance Bernie Cissek, Chairman.

Law Firm LLP | Cyber Insurance | July 16th, 2014 Page 1 Cyber Exposure Landscape "The single biggest threat still is people inadvertently bringing down.

Prepared By: John Marshall, CRM, ERMCP, CIC, AAI Jenny Jacobsen, JD Cyber Liability Update April 21, 2016 Welcome.

Being there When you need us Thats our policy. Cyber Awareness – what can be done?

The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

MEDICAL OFFICE COVERAGES. This is a short review over many insurance coverage parts necessary to a doctor’s practice. Not all apply, and there are other.

Retail & Service 1. 2 The Retail & Service industry encompasses a wide variety of businesses. This segment includes: Businesses engaged in selling goods.

Cyber Liability: New Exposures Presented by: Henriott Group © 2007, , Zywave Inc. All rights reserved.

CGL Coverage B and Specific Products Covering Data Breaches Primerus Convocation Amelia Island, FL April 2015.

Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.

Cyber Insurance - Risk Exposures and Strategic Solutions

Cyber Liability Insurance for an unsecure world

Cyber Insurance Risk Transfer Alternatives

Clients and Prospective Clients on the Threat of Cyber Crime

Breaking Down Cyber Liability

Financial Institutions – Cyber Risk

Financial Technology in Cyber Risks

Cyber Insurance presentation for: The 2nd Anti Cybercrime Forum Beirut, 29th November 2016 Alexander Blom, Head of Financial Lines, AIG MENA.

Managing a Cyber Event Steven P. Gibson President

Cyber Insurance – FFs & CHBs

Cyber Insurance Overview

Chapter 3: IRS and FTC Data Security Rules

Society of Risk Management Consultants Annual Conference

CYBER CRIME Matthew Purchase.

Cyber Issues Facing Medical Practice Managers

Cyber Trends and Market Update

Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium

FAIR 2018 – Cyber Risks & Markets

Forensic and Investigative Accounting

Cyber Security: What the Head & Board Need to Know

Presentation transcript:

Cyber loss trends, insurance coverage and claim payouts Presented by Katie Andruchow, MBA, CIP, CRM National Cyber and Privacy Expert Aon Risk Solutions™ Financial Services Group Aon’s Cyber and Privacy Practice

Overview of Cybercrime It is estimated that cybercrime costs the global economy more than $400 Billion USD a year

Overview of Cybercrime

Common Threats: Lizard Squad

Common Threats: Cryptolocker

Real Prize in Caesars Fight: Data on Players Customer loyalty program is valued at $1 billion by creditors The most valuable asset in the bitter bankruptcy feud at Caesars Entertainment Corp. isn’t the casino operator’s opulent Roman-themed resort at the heart of the Las Vegas Strip. It’s the company’s big-data customer loyalty program, valued at $1 billion by creditors.

Common Exposures Employee payroll information: Names, addresses, SIN number Even if payroll processing is outsourced to a third party ex ADP Human Resources records: Employee employment histories, health records, salary information Corporate confidential information Third party intellectual property, M&A documents, CRM system information Network Interruption: Security Breaches causing operational downtime Dependent Business Interruption: Key service providers experience security breaches that in turn interrupt the Insured business Cyber Extortion: threats made against an organization to disclose confidential information “or else”

Types of Privacy Breach Costs Incurred First Party Costs Organization’s out-of-pocket costs Notification Expenses IT Forensics Public Relations Call Centre Expenses Brand Damage Mitigation Efforts Credit Monitoring Identity Theft Monitoring Data Recovery and Restoration Expenses Loss of Intellectual Property Business Interruption Cyber Extortion and Cyber Terrorism Third Party Liability Civil suits From business partners From employees and the general public Legal defense & damages Regulatory investigations and proceedings From privacy commissioners Fines, penalties and civil awards Costs of investigations

What Does a Cyber Policy Cover? Provided on a Claims- made basis; for liability arising out of: Network security breaches to insured computer systems Network security breaches to third party service providers networks Privacy breaches: Failure to protect confidential information Transmission of malicious code to third parties Regulatory investigations, proceedings and penalties Levied by Privacy Regulatory bodies Fines, penalties and civil awards Costs of investigations

What Does a Cyber Policy Cover? Privacy Breach Costs Notifications Legal Advice IT Forensics Credit Monitoring Identity Theft Monitoring Business Interruption Extra Expenses incurred because of loss Ordinary Payroll Lost Income Digital Asset Restoration Costs of Labour to recreate digital records Costs to replace damaged hardware and software Cyber Extortion

What Does a Cyber Policy Cover? Additional First Party Coverage For Financial Institutions Electronic theft of funds Fund theft suffered by clients via phishing attacks For Healthcare Sector Costs and services to obtain new health care numbers For Any Risk Processing Payment Cards Payment Card Industry Fines, penalties and investigation

Causes of Insured Losses 2014 NetDiligence Claims Cost Report

Real Claim Payouts: Third Party vs. First Party

Tort of Intrusion Upon Seclusion Created in Jones v Tsige in 2012 with a 3-part test: No need for economic harm or dissemination Courts expanded on Jones in many cases since this point in time 1. Defendant’s conduct be intentional or reckless 2. Defendant invaded the plaintiff’s private affairs or concerns without lawful justification 3. Reasonable person would regard the invasion as highly offensive, causing distress, humiliation, or anguish

Actual Claim Payouts Hardest hit sectors were Retail and Financial Services. Heath care is a close third Small- to mid-sized organizations experienced the most incidents, while large caps lost the most records per breach The average claim payout was $733,109; Average claim payout for a large cap company was $2.9MM Claims ranged from $600 to $6.5M; most claims fell within $30,000-$400,000 32% of the losses reported has insider involvement Netdiligence 2014 cost of cyber claims study

Questions?