A Closer Look at How Buyers are Purchasing Cyber Insurance optimal A Closer Look at How Buyers are Purchasing Cyber Insurance ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Key Issues for Discussion Insurers Key Issues for Discussion Cyber Landscape Market Overview Coverages Purchased Structures Limits Drivers behind Purchases e optimal ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Cyber Trends Evolving Risk Landscape Threat Actors Increased Internet accessibility globally The Internet of Things and interconnectivity Network Interruption claims BI/PD damages? Change in sophistication and malice Organized crime State sponsored espionage Hacktivists Change in motive For profit/financial gain Political Physical damage over economic damage Threat Actors Data and Device Proliferation The Balance between Privacy and Efficiency Consumers wanting easy and quick access but also wanting privacy protections Punitive Legal and Regulatory Environment Chain of contractual liability Additional cyber oversight by regulatory bodies Global changes in legal landscape (i.e., EU Directive) U.S. Federal Cyber Security Proposals under consideration Who owns the data? Who is legally responsible? What ramifications for utilization of a third party vendor? Reputational aspect ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Regulatory Environment – Results from the 2016 California Breach Report Unique regulations in 46 states, D.C., Guam, Puerto Rico, and the Virgin Islands Onerous reporting requirements/timeframes and shift in presumption of use of lost data (“harm” trigger vs. “loss trigger”) Formatting of breach notices and attendant costs Stability in number of breaches, increase in affected individuals 24M Californians affected in 2015 (up from 4.3M in 2014) Breach Types Malware and hacking breaches are caused by intentional intrusions into computer systems by unauthorized outsiders. . Physical breaches result from the theft or loss of unencrypted data stored on laptops, desktop computers, hard drives, USB drives, data tapes or paper documents. Error breaches stem from anything insiders (employees or service providers) unintentionally do or leave undone that exposes personal information to unauthorized individuals. Misuse breaches are the result of trusted insiders intentionally using privileges in unauthorized ways ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
32+ 30+ 9+ Market insights Understanding Risk Appetite 16 $3B $500M Endurance THE NUMBERS 32+ Domestic Markets 30+ Lloyd’s syndicates 9+ Bermuda Markets 16 Number of years that a dedicated policy has been offered $3B Total estimate of current annual premium placed in the market $500M Largest cyber stand-alone program placed in the market 27% Increase in purchasers in 2016, following 32% and 21% in years prior ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Insurance overview Insuring Agreements Explained Third Party Coverage Errors & Omissions (E&O) Coverage for defense costs and damages arising out of allegations of acts, errors, omissions or negligence in providing services to others. Can include specialized Tech E&O or Miscellaneous Professional Liability cover Security/ Privacy Coverage for defense costs and damages arising out of a 1) failure or violation of the security of a computer system or network or 2) a failure to protect confidential information or any violation of a federal, state, foreign or local privacy statute are all included under these coverage grants Can include coverage for PCI fines, penalties and/or assessments as well Regulatory Coverage for costs to respond to a governmental investigation arising out of a privacy event. Includes coverage for fines and penalties to the extent allowed by law Media Coverage for third party claims alleging libel, slander, copyright/trademark infringement, invasion of privacy, etc. arising out of all content distributed by a company Breach Response Coverage for costs to respond to a data breach, including costs to conduct an investigation (including forensics costs) as to the cause of the event, public relations costs, notification costs, costs to offer credit monitoring/ID Theft services Network Interruption Coverage for loss incurred by the insured following a security failure (usually after a waiting period and subject to a monetary retention). Insurable costs can include extra expense caused by the interruption and lost revenue Data Restoration Costs to restore/recreate electronic data after a failure or violation of the security of a computer system Cyber Extortion Coverage for loss incurred by the insured for money paid with the Insurer’s consent to resolve a cyber security threat and costs to investigate the cause of the threat First Party Coverage ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Insurance overview Ancillary Coverages Explained Employed Lawyers (CCP) Liability coverage for defense costs and damages arising out of the work done by employed corporate lawyers. Includes coverage for lawyers’ actions while providing moonlighting and pro bono services. Reputation Guard First party coverage for public relations costs incurred responding to any act or event that, if or when disclosed in a publication and seen by the company’s stakeholders, could have an adverse impact on public perception of the insured. System Failure Broadens the first party trigger for Network Interruption coverage from security failures (e.g. hacks) to any unintentional outage (e.g. computer glitches). ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Risk Management – Underwriting to Issuance Cyber application – Two pages to…many pages Underwriting questions act as risk management guide to best practices (too many “no” answers indicate room for improvement) Spurs interaction with IT department and initiates process improvements IT security calls to in-person meetings Risk Management Assistance Hardware/Software Network protection hardware/software At risk IP Address tracking/denial to support Anti-virus and Firewall protection Educational Tools/Incident Response Assistance JLT Specialty USA | December Board Meeting
Elimination of Sub-limits Tech E&O or MPL with Cyber JLT Cyber Structures Elimination of Sub-limits Tech E&O or MPL with Cyber Overlap with Other Lines – Property, GL, Crime Large Limit Facilities optimal ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
JLT Cyber Limits What limit should I buy? Frequent question. Contractual requirements Number of records/Company Size/Industry Benchmarking Analytics optimal SAMPLE CYBER LOSS SCENARIO QUANTIFICATION Maximum Probable Loss Frequency: Chances of at least one loss occurring in a year Average Severity: If a loss has happened, on average how big will it be? 1-in-100 Severity: If a loss happened, what is the 1-in-100 worst case for how big it could be? 1-in-250 Severity: If a loss happened, what is the 1-in-250 worst case for how big it could be? ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Drivers behind Purchases Contract requirements JLT Cyber Drivers behind Purchases Contract requirements Increase in perceived exposures Board/Management inquiries Media Attention Other? optimal ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance
Questions/Discussion JLT Cyber optimal Questions/Discussion ACI | A Closer Look at How Buyers are Purchasing Cyber Insurance