Cyber Insurance - Risk Exposures and Strategic Solutions

Slides:



Advertisements
Similar presentations
Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.
Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Recent Trends and Insurance Considerations March 2015
BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
Protection Detail: Insurance Coverage in 2012 Presented By: Nezih Hasanoglu and Kim Singleton M3 Insurance Solutions for Business.
NEFEC - Cyber Liability MICHAEL GUZMAN, ARM ARTHUR J. GALLAGHER & CO.
Overview of Cybercrime
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
1 General Awareness Training Security Awareness Module 1 Overview and Requirements.
Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate February 2011.
AUGUST 25, 2015 Cyber Insurance:
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
CYBER INSURANCE Luxury or necessary protection?. What is a data breach? A breach is defined as an event in which an individual’s name plus personal information.
Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.
Cyber-insurance coverage: do you have it? Robert E. Sumner, IV, Esq. and Tosh Siao of Willis Group September 17, 2015.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
Managing Your Cyber/E&O Risk with Willis FINEX Robert Barberi, Vice President, Willis Cyber Practice.
New A.M. Best Cyber Questionnaire
Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Restaurant 1. 2 There are several different types of restaurant classifications, including: Family Style Fine Dining Fast Food Buffet.
Safeguarding Sensitive Information. Agenda Overview Why are we here? Roles and responsibilities Information Security Guidelines Our Obligation Has This.
NCBFAA Annual Conference 2015 Orlando Converging Logistics: Realities vs. Possibilities Cyber Insurance Bernie Cissek, Chairman.
Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.
CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)
Law Firm LLP | Cyber Insurance | July 16th, 2014 Page 1 Cyber Exposure Landscape "The single biggest threat still is people inadvertently bringing down.
Hot Topics in Technology Transactions Presented by: Robert J. Scott
The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.
Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.
Retail & Service 1. 2 The Retail & Service industry encompasses a wide variety of businesses. This segment includes: Businesses engaged in selling goods.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.
Cyber Liability Insurance for an unsecure world
Cyber Insurance Risk Transfer Alternatives
Breaking Down Cyber Liability
New A.M. Best Cyber Questionnaire
CYBER INSURANCE: APPLICATION REPRESENTATIONS & ONGOING POLICYHOLDER OBLIGATIONS January 26, 2017.
Financial Institutions – Cyber Risk
E&O Risk Management: Meeting the Challenge of Change
Managing a Cyber Event Steven P. Gibson President
Data protection headaches: GDPR, brexit AND perimeter risk
PENNSYLVANIA BAR ASSOCIATION PROFESSIONAL LIABILITY COMMITTEE
E&O Risk Management: Meeting the Challenge of Change
UNDERSTANDING INSURANCE: Risk Management in a High-Risk Environment
Cyber Insurance Overview
Cyber Insurance 101 South Texas Chapter Risk & Insurance Management Society May 17, 2017 Matt C. Green, Marsh.
Chapter 3: IRS and FTC Data Security Rules
Cyber Insurance: An Update on the Market’s Hottest Product
Society of Risk Management Consultants Annual Conference
Cyber Issues Facing Medical Practice Managers
Cyber Trends and Market Update
Current Privacy Issues That May Affect Your Credit Union
Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium
FAIR 2018 – Cyber Risks & Markets
By Joseph Carnevale, CIP Partner & Director of Sales
Cybersecurity compliance for attorneys
cyber insurance Tom Wilson Chief Risk Officer, Allianz SE
Cyber Liability Coverage – Sell it or get sued
Forensic and Investigative Accounting
Retirement Benefit Fund, Trustee and Third Party Provider Insurance
Cyber Security: What the Head & Board Need to Know
Presentation transcript:

Cyber Insurance - Risk Exposures and Strategic Solutions ILTA Webinar January 25, 2017

Speakers Debbie Novy Senior IT Manager of Special Projects Hunton & Williams dnovy@hunton.com Jack Huddleston Director of Administration Thomas Horstemeyer Jack.HuddlestonPhD@thomashorstemeyer.com Gary G. Beck, LL.M. Professional Services Group gbeck@arcxs.com Richard Creel, RPLU,ASLI,MLIS rcreel@arcxs.com

Survey 66.67% of those responding to the Cyber Liability Policy Survey DO NOT have a cyber liability policy in place 60% responded they do not have cyber liability indicating the primary reason was that they were unsure as to what limits and deductibles were appropriate 80% of those responding indicate that they are currently actively working with their broker regarding cyber liability coverage 60% of those responding have a formal incident response plan in place Those having/not having a security breach response team were split (46.67%/53.33%) almost evenly Over half (60%) of those responding indicated that they have a breach response team leader in place Jack

Understanding and Communicating the Business Case Fills gaps in other insurance that may not fully cover cyber liability Risk management – you may still be responsible if a breach occurs even if it involves hosted data Business continuity Provides resources and expertise that you may lack in setting up a risk analysis and ensuring compliance Clients are requiring it… From Jack Transition to Debbie

Understanding and Communicating the Business Case Clients are now requiring their law firms to have cyber insurance. Outside Counsel Guidelines and Security Assessment questionnaires often state a coverage amount and items that must be covered, such as: System Attacks Unauthorized access and use of computer systems Spread of malicious code Crisis management and customer notification expense Privacy regulatory defense and penalties Liability arising from the cost or disclosure of confidential data *Note – Cyber insurance may not cover all of these items. As we will discuss later, it is important to have the right combination of insurance to ensure the maximum level of protection. In addition to covering the firm, clients expect these same protections to the be extended to the law firm’s third party vendors. From Debbie

Legal Landscape: Regulations Lead to New Insurance Needs ABA Model Rule 1.6(c) Personal Data Privacy & Security Act of 2007 Health Insurance Portability and Accountability Act of 1996 (HIPAA) The Gramm-Leach-Bliley Act of 1999 (GLBA) Fair Credit Reporting Act Fair & Accurate Credit Transactions Act of 2003 Electronic Communication Privacy Act of 1986 Family Educational Rights & Privacy Act (FERPA) State Specific Security Breach Notification Laws High Tech Act (enacted with Jan 2009 Federal Stimulus Package) GDPR – New European regulations State Bar specific canons/rules and state laws Debbie (Gary would address any questions) Debbie hand off to Rick

Current Market Overview Cyber market is broadening-Significant capacity available Growth coming from small to medium firms newly aware of the possible liability Annual gross written premium estimate-$3.25 billion (up from $2.75 billion) Improved Risk Management services Sublimits reduce insurer exposure Rick

How does Cyber Coverage fill potential gap issues? Lawyers Professional Liability (LPL) Policies built to cover lawyers for malpractice Not designed to cover cyber risk (endorsements may exist) Should provide defense expenses and damages for certain third-party cyber claims First-party Property Cyber Risks are arguably not covered unless specifically included under sublimits Kidnap & Ransom Covers Ransomware/Cyber Extortion related payments Crime 1st party identity fraud expense reimbursement Rogue employee sabotage Computer crime by a third party Property / Business Interruption Physical data destruction due to fire, water, or property damage Cyber coverage excludes physical damages due to non Cyber exposures Rick/Gary

What does Cyber Insurance Cover? Common First-Party covers direct financial and consequential losses Forensic investigation of the breach Legal advise to determine your notification and regulatory obligations Business Income & Extra Expenses (due to breach) Crime Extortion Public relations Common Third-Party (includes third-parties with no direct contact) if you fail to protect your client confidential information Financial damages to that party Legal defense Settlements, damages and judgements related to the breach Regulatory fines & penalties (including Payment Card industry fines) Costs of responding to regulatory inquiries Professional liability Rick/Gary

What to Look for or Consider when Placing Cyber Insurance Liability-defense and settlement costs for the insured arising out of its failure to properly care for private data Remediation-response costs following a data breach, including investigation, public relations, customer notification, and credit monitoring Regulatory Fines and/or Penalties-the cost to investigate, defend and settle PCI (Credit Card) Fines & Penalties Business Interruption Restoration No Terrorism Exclusion No Sublimits Choice of Defense Counsel Enterprise wide protection for all your data even when its outsourced to the cloud Alternative flexible D.I.C Cyber policy can be primary, excess, or co-primary depending on LPL coverage From Gary/Rick

What to Expect When Purchasing a Policy It can be a complex process Use a broker with law firm cyber liability insurance experience Application process can be long and detailed – each carrier has their own application Present your risk in the best possible way Cost Rule-of-Thumb: 10% of the LPL premium Questions to ask: Are international offices are covered? Who is responsible for breach of data stored in the cloud? The law firm, the cloud services provider, both? A broker can help simplify the entire process From Debbie/Rick/Gary

Audience Q&A