Presentation is loading. Please wait.

Presentation is loading. Please wait.

Overview of Cybercrime

Similar presentations


Presentation on theme: "Overview of Cybercrime"— Presentation transcript:

0 Cyber loss trends, insurance coverage and claim payouts
Presented by Katie Andruchow, MBA, CIP, CRM National Cyber and Privacy Expert Aon Risk Solutions™ Financial Services Group Aon’s Cyber and Privacy Practice

1 Overview of Cybercrime
It is estimated that cybercrime costs the global economy more than $400 Billion USD a year

2 Overview of Cybercrime

3 Common Threats: Lizard Squad

4 Common Threats: Cryptolocker

5 Real Prize in Caesars Fight: Data on Players Customer loyalty program is valued at $1 billion by creditors The most valuable asset in the bitter bankruptcy feud at Caesars Entertainment Corp. isn’t the casino operator’s opulent Roman-themed resort at the heart of the Las Vegas Strip. It’s the company’s big-data customer loyalty program, valued at $1 billion by creditors.

6 Common Exposures Employee payroll information: Names, addresses, SIN number Even if payroll processing is outsourced to a third party ex ADP Human Resources records: Employee employment histories, health records, salary information Corporate confidential information Third party intellectual property, M&A documents, CRM system information Network Interruption: Security Breaches causing operational downtime Dependent Business Interruption: Key service providers experience security breaches that in turn interrupt the Insured business Cyber Extortion: threats made against an organization to disclose confidential information “or else”

7 Types of Privacy Breach Costs Incurred
First Party Costs Organization’s out-of-pocket costs Notification Expenses IT Forensics Public Relations Call Centre Expenses Brand Damage Mitigation Efforts Credit Monitoring Identity Theft Monitoring Data Recovery and Restoration Expenses Loss of Intellectual Property Business Interruption Cyber Extortion and Cyber Terrorism Third Party Liability Civil suits From business partners From employees and the general public Legal defense & damages Regulatory investigations and proceedings From privacy commissioners Fines, penalties and civil awards Costs of investigations

8 What Does a Cyber Policy Cover?
Provided on a Claims- made basis; for liability arising out of: Network security breaches to insured computer systems Network security breaches to third party service providers networks Privacy breaches: Failure to protect confidential information Transmission of malicious code to third parties Regulatory investigations, proceedings and penalties Levied by Privacy Regulatory bodies Fines, penalties and civil awards Costs of investigations

9 What Does a Cyber Policy Cover?
Privacy Breach Costs Notifications Legal Advice IT Forensics Credit Monitoring Identity Theft Monitoring Business Interruption Extra Expenses incurred because of loss Ordinary Payroll Lost Income Digital Asset Restoration Costs of Labour to recreate digital records Costs to replace damaged hardware and software Cyber Extortion

10 What Does a Cyber Policy Cover?
Additional First Party Coverage For Financial Institutions Electronic theft of funds Fund theft suffered by clients via phishing attacks For Healthcare Sector Costs and services to obtain new health care numbers For Any Risk Processing Payment Cards Payment Card Industry Fines, penalties and investigation

11 Causes of Insured Losses
2014 NetDiligence Claims Cost Report

12 Real Claim Payouts: Third Party vs. First Party

13 Tort of Intrusion Upon Seclusion
Created in Jones v Tsige in 2012 with a 3-part test: No need for economic harm or dissemination Courts expanded on Jones in many cases since this point in time 1. Defendant’s conduct be intentional or reckless 2. Defendant invaded the plaintiff’s private affairs or concerns without lawful justification 3. Reasonable person would regard the invasion as highly offensive, causing distress, humiliation, or anguish

14 Actual Claim Payouts Hardest hit sectors were Retail and Financial Services. Heath care is a close third Small- to mid-sized organizations experienced the most incidents, while large caps lost the most records per breach The average claim payout was $733,109; Average claim payout for a large cap company was $2.9MM Claims ranged from $600 to $6.5M; most claims fell within $30,000-$400,000 32% of the losses reported has insider involvement Netdiligence 2014 cost of cyber claims study

15 Questions?


Download ppt "Overview of Cybercrime"

Similar presentations


Ads by Google