Presentation is loading. Please wait.

Presentation is loading. Please wait.

New A.M. Best Cyber Questionnaire

Published byRodger Robbins Modified over 6 years ago

Similar presentations

Presentation on theme: "New A.M. Best Cyber Questionnaire"— Presentation transcript:

1 New A.M. Best Cyber Questionnaire
This represents a cover page (not sure of use currently – can add text option where appropriate). New A.M. Best Cyber Questionnaire PAMIC Eastern Conference October 2015

2 Agenda Questions Guiding Principles for Boards
The A.M. Best Cyber Risk Questions Cybersecurity Framework Guiding Principles for Boards This slide layout allows for one of the following: Bullets, Tables, Chart/graph, SmartArt, Picture, Clip Art or Media Clip.

3 Cyber Security vs Information Security
Cyber Security is the use of various technologies and processes to protect networks, computers, programs and data from attack, damage or unauthorized access. Information Security is protecting information from unauthorized access, use, disruption, modification or destruction regardless of how the information is stored – electronic or physical

4 This slide layout allows for one of the following: Bullets, Tables, Chart/graph, SmartArt, Picture, Clip Art or Media Clip.

5 Content of the Questionnaire
Cyber Risks Coverage offered Privacy (HIPAA) violations Credit monitoring costs Cloud technologies and exposures General liability exposures Coverage Obtained Business interruption exposures D & O risks Reconstruction costs Reputation risks This slide layout allows for one of the following: Bullets, Tables, Chart/graph, SmartArt, Picture, Clip Art or Media Clip. January 01, 2015 Footer text replaced in Header/Footer area

6 Information from A.M. Best Presentation*
A.M Best Survey Results Show Only 3% of companies surveyed have written over 1000 cyber risk policies Companies with larger surplus positions have experienced more cyber attacks, but size does not eliminate risk 72% of companies report responsibility for cyber-security rests with IT Department. Most significant challenges reported by management is lack of data and consequent oriented analytics *A.M. Best Insurance Industry Update, IASA NY/NJ Chapter, Robert Raber, Senior Financial Analyst, A.M. Best Company, May 18, 2015

7 Information from A.M. Best Presentation*, Continued
A.M. Best added specific questions to the Supplemental Rating Questionnaire and analysts are including cyber coverage in rating meeting discussions A.M. Best Special Report “Cyber Security Presents Challenging Landscape for Insurers and Insureds”, December 5, 2014

8 Cyber Questions Has your company been a target of a data breach/cyber-attack? Where does the responsibility lie in your organization to manage cyber related risks? What controls do you have in place? Do you offer coverage as a separate policy or bundled? What are your premium and loss expectations? What are your costs for Crisis Services (forensics, notification)? What is your legal defense cost?

9 Other Questions Asked What controls (internal and external) do you have in place to manage a data breach / cyber attack (policies and procedures)? How often to you conduct penetration testing? How often do the company’s cyber security professionals receive training? During the past five years, how much have you invested in upgrading systems (hardware and software)? How much of such investment was specifically dedicated to preventive measures on cyber attacks and data breaches? How much are you planning to invest during the next two years? If you use TPA’s, cloud, shared devices (storage or otherwise) how are you managing your risks? Briefly describe your efforts to ensure up to date “best practices” and latest preventative methods are used.

10 Framework for Improving Critical Infrastructure Cybersecurity
National Institute of Standards and Technology (NIST) Framework Identify Protect Detect Respond Recover

11 Five Principles – Boards seeking to enhance oversight of cyber risks
Not just an Information Technology issue I. Cybersecurity is an Enterprise Risk Management issue: II. Boards should understand the legal implications of cyber risks III. Boards should access cybersecurity expertise and discuss regularly – standing agenda item IV. Board should set expectation that management establish an ERM framework with adequate staffing & budget V. Board & Management discussion of cyber risk strategies - avoidance, acceptance, mitigation or transfer – with specific plans National Association of Corporate Directors + AIG + Internet Security Alliance, Five Guiding Principles

12 Contact Information Lisa Cosentino, CPA, CIA, CFE, FLMI Managing Director Cell Office

Download ppt "New A.M. Best Cyber Questionnaire"

Similar presentations

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
The Role of the Director Presented by David Spear State Manager SA/NT MAY 2013.

The Role of the Director Presented by David Spear State Manager SA/NT MAY 2013.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Recent Trends and Insurance Considerations March 2015

Recent Trends and Insurance Considerations March 2015
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Computer Security: Principles and Practice

Computer Security: Principles and Practice
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Auditing Cloud Computing: Adapting to Changes in Data Management IIA and ISACA Joint Meeting March 12, 2013 Presented by: Jay Hoffman (AEP), John Didlott.

Auditing Cloud Computing: Adapting to Changes in Data Management IIA and ISACA Joint Meeting March 12, 2013 Presented by: Jay Hoffman (AEP), John Didlott.
Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.

Why are Small and Mid-Size Companies Easy Targets for Hackers, and What can You do to Protect Yourself? 2/11/2015 Asher Dahan.
The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.

The Financial Impact of Cyber Security 50 Questions Every CFO Should Ask A publication of the American National Standards Institute and the Internet Security.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Insurance Institute for Business & Home Safety Even if the worst happens, be prepared to stay.

Insurance Institute for Business & Home Safety Even if the worst happens, be prepared to stay.
Privacy & Security Policy Meets Technology at the Crossroads: Best Practice Methods & Approaches to Developing Organizational Frameworks to Avoid Collision.

Privacy & Security Policy Meets Technology at the Crossroads: Best Practice Methods & Approaches to Developing Organizational Frameworks to Avoid Collision.
Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.

Cyber Risk Insurance. Some Statistics Privacy Rights Clearinghouse o From 2005 – February 19, 2013 = 607,118,029 records reported breached. Ponemon Institute.
WWW.MISHCON.COM © MISHCON DE REYA 2014 14 MAY 2014 RECRUITMENT INTERNATIONAL FINANCIAL DIRECTORS’ FORUM Protecting your business from unlawful competition.

© MISHCON DE REYA MAY 2014 RECRUITMENT INTERNATIONAL FINANCIAL DIRECTORS’ FORUM Protecting your business from unlawful competition.
℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.

℠ Pryvos ℠ Computer Security and Forensic Services May 27, 2015 Copyright © 2015 Pryvos, Inc. 1.
Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.

Insurance of the risk Policy covers & underwriting issues Stephen Ridley, Senior Development Underwriter.
Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.

Tamra Pawloski Jeff Miller. The views, information, and content expressed herein are those of the authors and do not necessarily represent the views of.
New A.M. Best Cyber Questionnaire

New A.M. Best Cyber Questionnaire

Similar presentations

Ads by Google