Vinny Sakore Vinny Sakore is the Chief Technology Officer for NetDiligence®, a Cyber Risk Management company. Former HIPAA Security Officer for Verizon.

Slides:

Advertisements

Similar presentations

Market Reform in the London Company Community John Hobbs Director of Market Services International Underwriting Association March 2008.

Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

BalaBit Shell Control Box

Travelers CyberRisk for Insurance Companies

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Peter Brudenall & Caroline Evans- Simmons & Simmons Marsh Technology Conference 2005 Zurich, Switzerland. Managing the Security Landscape – Legal and Risk.

Page 1 Recording of this session via any media type is strictly prohibited. Page 1 The Cloud: A Necessary Risk for Business.

BROTHERS, HAWN & COUGHLIN, LLP 4-STEP PROGRAM TO HIPAA COMPLIANCE.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Northern Insuring Agency 1. 2 Important Notice ●This presentation is not a representation that coverage does or does not exist for any particular claim.

Overview of Cybercrime

WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.

AUGUST 25, 2015 Cyber Insurance:

Data Security: Steps to Improved Information Security September 22, 2015 Presented by: Alex Henderson General Counsel and Chief Administrative Officer.

Cyber Security Nevada Businesses Overview June, 2014.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Carlsmith Ball LLP Cyber Issues For Lawyers Deborah Bjes October 22 nd, 2015.

A PM’s Guide to Surviving A Data Breach. Compliance: PCI QSA and PCI Gap Analysis FISMA HIPAA SSAE 16 GLBA, Red Flags Response Incident Response and Disaster.

Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.

Looked at a sampling of 140 claims Per Breach Costs –Average claim : $733K Large Co. = $2.9 Mil Healthcare = $1.3 Mil Per Record Costs –Average.

Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.

Legal, Regulations, Investigations, and Compliance Chapter 9 Part 2 Pages 1006 to 1022.

CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)

HOW TO AVOID COMMON DATA BREACH PITFALLS IAPP Privacy Academy 2014.

The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.

Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.

CGL Coverage B and Specific Products Covering Data Breaches Primerus Convocation Amelia Island, FL April 2015.

10/04/2016 David LaPlante, CISO Information Security & Cybersecurity Program Planning Critical Infrastructure Cyber Security Framework.

Cyber Insurance - Risk Exposures and Strategic Solutions

Claims and Losses Panel: Latest trends

Cyber Insurance Risk Transfer Alternatives

Law Firm Data Security: What In-house Counsel Need to Know

Tackling Data Related Challenges in Contracts

Hot Topics in the Financial Industry: Cybersecurity

Executive Director and Endowed Chair

Financial Institutions – Cyber Risk

Comprehensive Security and Compliance at an Affordable Price.

Insurance Technology Forums: ‘IT Matters’ Forum

Managing a Cyber Event Steven P. Gibson President

Regulatory Compliance

Responding to Intrusions

Cyber Incident Response When You Didn’t Have a Plan

GDPR Awareness and Training Workshop

Global Cyber Insurance Market By Manufacturers, Countries, Type And Application, Forecast To 2022 Publish Date : 04-Dec-2017 No of Pages : 116 Single User.

Liability Coverage Structure Self Insured Retention ($3M)

Cybersecurity – Three Perspectives

Cyber Risk Management Through Vendor Contracts

Chapter 3: IRS and FTC Data Security Rules

Agenda Consumer ID theft issues Data breach trends Laws and regulations Assessing and mitigating your risk.

Society of Risk Management Consultants Annual Conference

Andy Hall – Cyber & Tech INSURANCE Specialist

Cyber Security in the Mortgage Industry

Cyber Issues Facing Medical Practice Managers

General Counsel and Chief Privacy Officer

Cyber Trends and Market Update

National Cyber Security

Vinny Sakore Vinny Sakore is the Chief Technology Officer for NetDiligence®, a Cyber Risk Management company. Former HIPAA Security Officer for Verizon.

Cyber Risk & Cyber Insurance - Overview

Tips on Privacy Audits and Assessments Insurance Consumer Affairs Exchange October 2, 2005 Kirk Herath, CPO & Associate General Counsel, Nationwide Insurance.

Anatomy of a Large Scale Attack

Neil Kirton and Zoë Newman

Cyber Security: What the Head & Board Need to Know

Cyber and Social Media in Long Term Care LTC Risk Legal Forum

Session 8: Innovative Uses of Captives: Cyber and Beyond

MAZARS’ CONSULTING PRACTICE Helping your Business Venture Further

Anatomy of a Common Cyber Attack

Presentation transcript:

Vinny Sakore Vinny Sakore is the Chief Technology Officer for NetDiligence®, a Cyber Risk Management company. Former HIPAA Security Officer for Verizon Mr. Sakore speaks nationally and internationally on topics ranging from Cyber Risk, Mobile Threats, Cloud Security, and HIPAA Security. Linked-In:https://www.linkedin.com/in/vinnysakore/ Twitter: @VinnySakore

15+ years supporting the cyber liability insurance industry. About NetDiligence® Sampling of insurers that we support: Aegis AIG Allianz Arch Argo Aspen Axis Barbican Beazley Berkley Berkshire Hathaway Brit Chubb Cuna Mutual DMI Endurance Hiscox HSB Ironshore Kiln Liberty Markel National League of Cities One Beacon Philadelphia Principia QBE RLI Starr Swiss RE Travelers Trans Re USLI Vela XL Zurich 15+ years supporting the cyber liability insurance industry. For loss control service, we support the majority of cyber liability insurance markets. We conduct cyber risk assessments on organizations – and their vendors – all sizes & sectors. We build/ host Breach Response Plans We also support most (60+) cyber risk insurers – and their insured clients – with post data breach crisis support via eRisk Hub We also host four Cyber Risk and Privacy conferences annually. They are located in London, Philadelphia, Santa Monica and Toronto.

How Real is the Threat to the Energy Sector “multi-stage intrusion campaign by Russian government cyber actors where they staged malware, conducted spear phishing, and gain remote access into energy sector networks. - Department of Homeland Security and the FBI How Real is the Threat to the Energy Sector Source: 2016 SANS Study on Cyber Threat Intelligence

NetDiligence® 2017 Cyber Claims Study Claims Submitted: 2,411 Per Breach Costs (N=570) 3-Year Average Breach Cost: $394K Comment: More representative of ‘Main Street’, avg. lowered this year by increased population of SME @ 87%. 2016 1-Year Average: $665K Large Company: $3.2M Per-Record Costs (N=313) 2014-2017 Average Per-Record Cost: $8K (median $46) Cost Range: $0.02-$1.6M

NetDiligence® 2017 Cyber Claims Study Crisis Services Costs (forensics, legal counsel, notification, ID/credit monitoring, etc.) 2014-17 Average Cost of Crisis Services: $249K 2016 Average Cost of Crisis Services: $357K Legal Costs (defense & settlement) Average Cost of Legal Defense: $121K Average Cost of Regulatory Defense: $696K Average Cost of Settlement: $255K 3 yr avg

NetDiligence® 2017 Cyber Claims Study Phishing (N=46)* Average Breach Cost: $181K Ransomware (N=60) Average breach cost: $61K PhishFight® See in eRiskHub® *Phishing includes Phishing, BEC and Wire Transfer Fraud

NetDiligence® 2017 Cyber Claims Study “Breach-less” Claims Denial of Service (DDoS) Breach Response Average claim: $259K BI/Revenue Loss Average: $27K Total Breach Cost Average: $411K Wire Transfer Fraud Average Payout Loss: $180K

NetDiligence® 2017 Cyber Claims Study PII Hacker

NetDiligence® 2017 Cyber Claims Study SMEs approx. 87% Prof Services Health

Trends Driving Risk Assessment and Breach Planning Compliance – HIPAA, DFS and other regulations are driving the need for having an accessible, documented risk assessment and breach response plan Risk Management - Having an active risk management program and an actionable breach response plan at your finger tips or a moments notice is critical Insurance Requirement -- Many leading cyber liability insurance carriers request/require clients to have risk assessments and a breach response plan Partner / Supplier Requirements – Certain business partners they are more often requiring a data breach plan

DR/IR TIPS FROM NETDILIGENCE® TIP 1: Build an Internal Incident Response Team (IRT) Executive Management Compliance, Legal, Privacy & Insurance Risk Management Finance & Audit Human Resources & Customer Service Information Technology (IT) & Information Security Marketing & Public Relations Do they even know that they are part of the team?

TIP 2: Ensure Your Plan is Reviewed by Counsel DFS, HIPAA, SOX, GDPR?

TIP 3: Ensure Your Plan is Accessible and Actionable A twenty page document is NOT actionable? Who is the first call? Is there a checklist of key action items? Who are our experts to engage for help? Breach Coach® lawyer for hands-on guidance, as well as experts such as computer forensic investigators.

Vinny Sakore NetDiligence® Thank you! Vinny Sakore NetDiligence® Vinny.Sakore@NetDiligence.com