Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma.

Slides:



Advertisements
Similar presentations
Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.
Advertisements

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
HIPAA Privacy Rule Training
HIPAA What’s New? What Is HIPAA Health Insurance Portability and Accountability Act of 1996 Health Insurance Portability and Accountability Act.
Changes to HIPAA (as they pertain to records management) Health Information Technology for Economic Clinical Health Act (HITECH) – federal regulation included.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Health Insurance Portability & Accountability Act (HIPAA)
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.
Recent Trends and Insurance Considerations March 2015
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
THIS IS With Host... Your Insurance More Insurance This & That Stuff More Stuff Mixed Bag.
Overview of Cybercrime
Instructor’s Manual with Transparency Masters to accompany Introduction to Risk Management and Insurance, 7E - Dorfman © 2002 by Prentice Hall, Inc. A.
Liability and Insurance Issues Theodore A. (Ted) Feitshans Extension Associate Professor Department of Agricultural & Resource Economics North Carolina.
WHAT EVERY RISK MANAGER NEEDS TO KNOW ABOUT DATA SECURITY RIMS Rocky Mountain Chapter Meeting Thursday, July 25, :30 am – 12:30 pm.
Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate February 2011.
Quality Integrity Stewardship Courtesy Care Accountability Medical Records ARMA Florida Gulf Coast Chapter Michael Spake Lakeland Regional Medical Center.
AUGUST 25, 2015 Cyber Insurance:
ENCRYPTION Team 2.0 Pamela Dornan, Thomas Malone, David Kotar, Nayan Thakker, and Eddie Gallon.
Policy Review (Top-Down Methodology) Lesson 7. Policies From the Peltier Text, p. 81 “The cornerstones of effective information security programs are.
Is It Worth It? The Cost of Insurance. Insurance Terms Premium Deductible Underwriting.
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
© 2013 The McGraw-Hill Companies, Inc. All rights reserved. Ch 8 Privacy Law and HIPAA.
CYBER INSURANCE Luxury or necessary protection?. What is a data breach? A breach is defined as an event in which an individual’s name plus personal information.
Imagine a health system that focuses on health, not just health care. Imagine a sustainable health system with one goal: to improve the lives of the people.
Addressing Unauthorized Release of Personal Information at UC Davis August 12, 2003.
HITECH and HIPAA Presented by Rhonda Anderson, RHIA Anderson Health Information Systems, Inc
Cyber-insurance coverage: do you have it? Robert E. Sumner, IV, Esq. and Tosh Siao of Willis Group September 17, 2015.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
1 CONFIDENTIAL ©2015 AIR WORLDWIDE New Approaches for Managing Cyber Risk.
Welcome….!!! CORPORATE COMPLIANCE PROGRAM Presented by The Office of Corporate Integrity 1.
Territory Insurance Conference, resilient future Mr Ralph Bönig, Special Counsel, Finlaysons Cyber Times and the Insurance Industry Territory Insurance.
Top 10 Series Changes to HIPAA Devon Bernard AOPA Reimbursement Services Coordinator.
CHAPTER 14, 14-2 Insurable Risks.
Data Security & Privacy: Fundamental Risk Mitigation Tactics 360° of IT Compliance Anthony Perkins, Shareholder Business Law Practice Group Data Security.
Restaurant 1. 2 There are several different types of restaurant classifications, including: Family Style Fine Dining Fast Food Buffet.
CYBERSECURITY: RISK AND LIABILITY March 2, 2016 Joshua A. Mooney Co-chair-Cyber Law and Data Protection White and Williams LLP (215)
 Health Insurance and Accountability Act Cornelius Villalon Jr.
HIPAA TRIVIA Do you know HIPAA?. HIPAA was created by?  The Affordable Care Act  Health Insurance companies  United States Congress  United States.
HOW TO AVOID COMMON DATA BREACH PITFALLS IAPP Privacy Academy 2014.
The Privacy Symposium: Transferring Risk of a Privacy Event Paul Paray & Scott Ernst August 20, 2008.
Cyber Insurance Risk Transfer Alternatives Heather Soronen - Operations Director Rocky Mountain Insurance Information Association.
Cyber: risk without borders Airmic 2016 Harrogate International Centre Tuesday 7 th June 2016.
Retail & Service 1. 2 The Retail & Service industry encompasses a wide variety of businesses. This segment includes: Businesses engaged in selling goods.
Cyber Insurance Overview July 30, 2016 Wesley Griffiths, FCAS International Association of Black Actuaries.
Cyber Insurance - Risk Exposures and Strategic Solutions
Cyber Liability Insurance for an unsecure world
HIPAA Privacy Rule Training
Cyber Insurance Risk Transfer Alternatives
Enforcement, Business Associates and Breach Notification. Oh my!
Financial Institutions – Cyber Risk
Cyber Insurance Overview
Cyber Insurance: An Update on the Market’s Hottest Product
Society of Risk Management Consultants Annual Conference
Cyber Issues Facing Medical Practice Managers
Cyber Trends and Market Update
Understanding Cyber Insurance NASCUS/CUNA Cybersecurity Symposium
By Joseph Carnevale, CIP Partner & Director of Sales
Cybersecurity compliance for attorneys
Types of Insurance Advanced Level.
Forensic and Investigative Accounting
National HIPAA Audioconferences
Cyber Security: What the Head & Board Need to Know
Presentation transcript:

Matt Foushee University of Tulsa Tulsa, Oklahoma Cyber Insurance Matt Foushee University of Tulsa Tulsa, Oklahoma

Newer protection for businesses to consider. Vocabulary Peril – Threat Claim –is paid for covered loss Actuarial – relating to using mathematics and statistics to calculate financial risk. Indemnity – protection against loss. Introduction

Small businesses use brokerages or commercial insurance agents. Commercial Liability Policy with Endorsements Professional Liability Policy with Endorsements Who Provides Cyber Insurance?

Larger businesses use specialized brokerages or commercial insurance agents. Professional Liability Policy with Endorsements Stand-alone cyber risk policies Growing segment. 28 markets. Who Provides Cyber Insurance?

What Do Cyber Policies Cover? University of Tulsa - Center for Information Security Most policies are different but most include: First Party Protection: Loss of Digital Assets Non-Physical Business Interruption Extra expenses – any additional costs (travel, postage, etc.) Cyber Extortion Cyber Terrorism Security Event Costs

What Do Cyber Policies Cover? University of Tulsa - Center for Information Security Most policies are different but most include: Third Party Protection: Network Security and Privacy Liability Employee Privacy Liability Electronic Media Liability Disclosure Law Liability California SB1386

Breach Disclosure Laws University of Tulsa - Center for Information Security California SB 1386 (2002): requires companies to notify any California resident to be notified “whose unencrypted personal information was, or is reasonably believed to have been, acquired by an unauthorized person. “ (SB1386) (SB1386) 46 States now have similar laws. Costs of breach: Notification, Credit Monitoring Services, Forensics, Pubic Relations Expenses

Breach Disclosure Laws University of Tulsa - Center for Information Security HITECH Act (Health Information Technology for Economic and Clinical Health) addresses privacy and security concerns associated with the electronic transmission of health information and strengthens civil and criminal enforcement of HIPAA rules. (HHS.gov)HHS.gov Maximum Penalties - $1.5 million for all violations per provision. “ Cyber insurance is seen as a way to get to a more secure world, without a heavy-handed government mandate that could stifle innovation,“ -Howard Schmidt, White House cyber security coordinator

Breach Disclosure Laws University of Tulsa - Center for Information Security Costs of breach: Notification Forensics Credit Monitoring Services Pubic Relations Expenses Ponemon (3/8/2011) Cost per breach average $214/record.

Post-Breach Services Notification, Credit Monitoring Services, Forensics, Pubic Relations Expenses Insurance companies often have relationships with companies that provide post-breach services to help with compliance of disclosure laws. Common service providers: University of Tulsa - Center for Information Security

What does it cost? Every company is different, has specific risks, and different controls. These attributes help determine the carriers, products, and coverage for which it qualifies. Some insurers price higher because they have little experience or properly realize the risk of cyber threats and expenses. Knowing the details of each policy is important. Risk Managers should be expected to understand these risks and purchase accordingly. University of Tulsa - Center for Information Security

What does it cost? Chevrolet vs. Lexus Example: Small IT company with two employees Only works within one state $100,000 in annual sales Liability Limit: $1,000,000 / incident, $2,000,000/ year Cost: $1200 minimum premium/ year Example: Zurich Security and Privacy Protection Policy Cost: $7,500 minimum premium/ year. University of Tulsa - Center for Information Security

The Betterley Report Details Who buys cyber insurance. Market growth opportunities. Actuarial methods. Market Penetration and Production Awareness. Opinions on Product Features. Perceptions of Insurance Companies, Brokers, and Risk Management Service Providers. University of Tulsa - Center for Information Security

Special Thanks Interviews: Tim Stapleton – Assistant Vice President Professional Liability Product Manager Zurich North America Rebecca Sank – Commercial Underwriter Erie Insurance Group John Meng – Senior Account Executive Victor O. Schinnerer & Co., Inc. Tom DeOrnellas – Senior Commercial Producer Spicer Insurance Agency University of Tulsa - Center for Information Security

Questions ?

References Web References: Interviews: Tim Stapleton – Assistant VP, Professional Liability Product Manager, Zurich North America Rebecca Sank – Commercial Underwriter, Erie Insurance Group John Meng – Senior Account Executive, Victor O. Schinnerer & Co., Inc. Tom DeOrnellas – Senior Commercial Producer, Spicer Insurance Agency University of Tulsa - Center for Information Security

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.