AUGUST 25, 2015 Cyber Insurance:

Slides:

Advertisements

Similar presentations

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Advertisements

Beazley presentation master February 2008 Data Security & Beazley Breach Response Max Perkins October 4, 2013.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Travelers CyberRisk for Insurance Companies

Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Page 1 Recording of this session via any media type is strictly prohibited. Edward M. Joyce Partner Jones Day Invasion of Privacy, Hacking & IP Claims:

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

INFORMATION SECURITY & PRIVACY OVERVIEW September 23, 2014.

Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.

Recent Trends and Insurance Considerations March 2015

September 14, 2011 Network Risk/Privacy Insurance Exposure and Coverage Issues.

BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Northern Insuring Agency 1. 2 Important Notice ●This presentation is not a representation that coverage does or does not exist for any particular claim.

Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.

NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.

Overview of Cybercrime

©2015, Amy Stewart PC Title Here Cyber Insurance: The Future is Now Texas Lawyer In-House Counsel Summit May 8, 2015 Texas Lawyer In-House Counsel Summit.

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

Business Continuity from an Insurance Perspective Presented by Jim Carter Manager, Risk & Insurance.

Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

CYBER INSURANCE Luxury or necessary protection?. What is a data breach? A breach is defined as an event in which an individual’s name plus personal information.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

. E-Business Risk and Insurance.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2013 CCH Incorporated. All Rights Reserved W. Peterson Ave. Chicago,

Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.

Cyber-insurance coverage: do you have it? Robert E. Sumner, IV, Esq. and Tosh Siao of Willis Group September 17, 2015.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Managing Your Cyber/E&O Risk with Willis FINEX Robert Barberi, Vice President, Willis Cyber Practice.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

The Pitfalls of the Small Business Owner Protect Your Assets!

CYBER SECURITY PRACTICES: AN EXPERT PANEL DISCUSSION February 12, 2015 Harvard Business School Association of Boston.

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

What lessons can we learn from other data breaches? Target Sentry Insurance Dynacare Laboratories 1 INTRODUCTION.

Law Firm LLP | Cyber Insurance | July 16th, 2014 Page 1 Cyber Exposure Landscape "The single biggest threat still is people inadvertently bringing down.

Being there When you need us Thats our policy. Cyber Awareness – what can be done?

Hot Topics in Technology Transactions Presented by: Robert J. Scott

The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

MEDICAL OFFICE COVERAGES. This is a short review over many insurance coverage parts necessary to a doctor’s practice. Not all apply, and there are other.

How can your Captive help you manage Cyber risks?.

CGL Coverage B and Specific Products Covering Data Breaches Primerus Convocation Amelia Island, FL April 2015.

Cyber Liability and Data Security+. 22 AGENDA What is Cyber? Exposure to Cyber Attacks Cyber Risk Management Anatomy of a Data Breach Insurance Coverage.

Cyber Insurance - Risk Exposures and Strategic Solutions

Cyber Liability Insurance for an unsecure world

Cyber Insurance Risk Transfer Alternatives

Breaking Down Cyber Liability

Financial Institutions – Cyber Risk

Cyber Insurance presentation for: The 2nd Anti Cybercrime Forum Beirut, 29th November 2016 Alexander Blom, Head of Financial Lines, AIG MENA.

Managing a Cyber Event Steven P. Gibson President

Regulatory Compliance

Cyber Insurance 101 South Texas Chapter Risk & Insurance Management Society May 17, 2017 Matt C. Green, Marsh.

Cyber Insurance: An Update on the Market’s Hottest Product

Society of Risk Management Consultants Annual Conference

Cyber Issues Facing Medical Practice Managers

Cyber Trends and Market Update

Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium

Cyber Exposures The Importance of Risk Identification and Transfer

Forensic and Investigative Accounting

Cyber Security: What the Head & Board Need to Know

Colorado “Protections For Consumer Data Privacy” Law

Presentation transcript:

AUGUST 25, 2015 Cyber Insurance: Protect Your Wine Business Against Data Security Breaches and Other Cyber Risks Tyler Gerking, Partner David B. Smith, CPCU, ARM, Insurance & Risk Management Consultant

What is “Cyber” Insurance? “Cyber” insurance protects companies against losses and claims arising from data breaches. The cyber insurance market is growing in light of: recent high-profile data security breaches (e.g., Target, Neiman Marcus, Home Depot, Sony, JP Morgan Chase, Anthem, Ashley Madison); BUT not limited to high-profile or large companies; a New York Supreme Court decision finding no coverage under traditional general liability policies (Zurich American Insurance Co., et al. vs. Sony Corp. of America, No. 651982/2011 (N.Y. Sup. Ct. New York City); and The insurance industry’s modification of commercial general liability policies to exclude coverage for data security breaches The coverage is relatively new, so its scope varies among policies.

What Kinds of Information are at Risk? Consumer Information Credit Cards, Debit Cards, and other payment information Social Security Numbers, ITIN’s, and other taxpayer records Customer Transaction Information, like order history, account numbers, etc. Protected Healthcare Information (PHI), including medical records, test results, appointment history Personally Identifiable Information (PII), like Drivers License and Passport details Financial information, like account balances, loan history, and credit reports Non-PII, like email addresses, phone lists, and home address that may not be independently sensitive, but may be more sensitive with one or more of the above Employee Information Employers have at least some of the above information on all of their employees Business Partners Vendors and business partners may provide some of the above information, particularly for Sub-contractors and Independent Contractors All of the above types of information may also be received from commercial clients as a part of commercial transactions or services In addition, B2B exposures like projections, forecasts, M&A activity, and trade secrets Many people think that without credit cards or PHI, they don’t have a data breach risk. But can you think of any business without any of the above kinds of information?

Potential Causes of Data Breach Data breach—theft/disclosure/alteration of private or proprietary information Insertion of computer viruses/malware Denial of service attacks Human error – programming errors, faxing/mailing errors, carelessness in handling sensitive information Misuse/misappropriation of information Cyber extortion Left/loss of computers or unencrypted portable devices (laptops, back-up tapes)

Data Shows Widespread Losses Average total cost to a company of a data security breach in 2013 was $5.9 million, which is 15% higher than the prior year and about $200 per record (See 2014 Cost of Data Breach Study: Global Analysis by Ponemon Institute) Nearly half (44%) of all data security breaches were caused by malicious or criminal attacks; the rest resulted from human error or system glitches (Id.)

Potentially Covered Losses and Liabilities First-party losses Response expenses Crisis management/PR Forensic investigation Legal advice regarding notification req’ts and liability exposures Breach notification Credit monitoring Call center Data restoration Business interruption / reputational harm

Potentially Covered Losses and Liabilities (cont.) Defense costs and liability in third-party actions (e.g., consumers class actions, corporate customer claims) Regulatory scrutiny / investigation / fines and penalties (OCR, HHS, FTC, state AG, SEC) Limits available: Primary: up to $25 million Excess: up to $150+ million First party expenses often sub-limited

Key Issues Buying cyber insurance: What is the market like now? What is the application process? Latent intrusions before policy inception – are they covered? What is the value of first-party coverage? Can you insure against the loss or theft of intellectual property? Breaches of third-party systems – are you covered against related losses? Indemnity agreements with third-party vendors

Key Issues (cont.) Unencrypted mobile devices Coverage territory and location of security failure Trigger First-party coverage (intrusion vs. data loss) Third-party coverage (claims vs. suit) Bodily injury / property damage resulting from a data security breach Cloud providers’ special considerations PCI compliance Insurer-selected service providers

Contact Information Tyler Gerking 415.954.4968 tgerking@fbm.com David Smith 415.954.4435 dsmith@fbm.com