Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Insurance Overview

Published byIndra Hadiman Modified over 6 years ago

Similar presentations

Presentation on theme: "Cyber Insurance Overview"— Presentation transcript:

1 Cyber Insurance Overview
International Association of Black Actuaries July 30, Wesley Griffiths, FCAS

2 Disclaimer The views expressed in these materials are those of the author and do not necessarily reflect the views of The Travelers Companies, Inc., or any of its subsidiary insurance companies ( “ Travelers” ).  These materials are for general informational purposes only.  This information does not amend, or otherwise affect, the terms, conditions or coverages of any insurance policy issued by Travelers.  This information is not a representation that coverage does or does not exist for any particular claim or loss under any such policy or bond.  Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law.

3 Session Agenda Cyber Policy Overview Coverage Examples Claim Scenarios
Underwriting and Pricing Considerations Q & A

4 Cyber Insurance – The Policy
Policies contain both first and third party coverages. Network and Information Security is typically the only mandatory purchase. Some of the coverages can be purchased as part of a crime, financial institutions bond, or kidnap & ransom policy CONFIDENTIAL & PROPRIETARY

5 CONFIDENTIAL & PROPRIETARY
Typical Coverages Third Party Liability Coverages Network & Information Security Liability Communications & Media Liability Regulatory Defense Expenses First Party Coverages Crisis Management Event Expenses Security Breach Remediation & Notification Expenses Computer Program & Electronic Data Restoration Expenses Computer Fraud Funds Transfer Fraud E-Commerce Extortion Business Interruption & Additional Expenses Per Person Notification Expense Coverage Forensic and Legal Services Expense Coverage CONFIDENTIAL & PROPRIETARY

6 Network and Information Security Liability
What is covered? Failure to prevent unauthorized access of personally identifiable information (PII). Failure to prevent transmission of a computer virus Failure to provide access to authorized users Failure to provide notice of unauthorized access CONFIDENTIAL & PROPRIETARY

7 Network & Information Security– Claim Example
An unauthorized user was able to access a companies commercial bank account and make $150,000 of wire transfers. The breach occurred in the customers computer system but they claimed the bank was negligent in processing the transfer. An insurance company ended up paying $140,000 An insured was contracted to mail out student IDs for a large public university. The ID numbers were inadvertently published in the window of the envelope and found to actually be the student’s social security numbers. Some of the impacted students sued and settled for $5,000 per student. An insurance company paid out $62k in defense and indemnity payments. CONFIDENTIAL & PROPRIETARY

8 Communications & Media Liability
What is covered? Unauthorized use of copyright, title, slogan, trademark, domain name, logo or service name. Plagiarism or unauthorized use of literary or artistic format Defamation, libel, slander or disparagement. Claim Example An advertising company contracted with 3 models to create some photos for client products and ads. The license for the photos expired but the insured continued to use the pictures on their website. The matter was settled between the parties for $900k. An insured used a larger competitor’s logo and trademark to help to re-sell that company’s products on its website. CONFIDENTIAL & PROPRIETARY

9 Regulatory Defense Expenses
What is covered? Defense expenses incurred while defending a claim brought by the Federal Trade Commission, Federal Communications Commission, state attorney’s general, or other federal, state, local or foreign governmental entity. Claim Example A data aggregation organization that had inadequate controls around who it gave sensitive information. There were over 800 identify thefts. The FTC did an investigation and fined the company $15M. Defense costs would have covered. A large private university suffered a large data breach. After the disclosure of the matter, the state attorney general launched an investigation into the breach. The university spent $32k on defense expenses. - CONFIDENTIAL & PROPRIETARY

10 Crisis Management Event Expenses
What is covered? Public relations services recommended and provided by an approved service provider to mitigate any negative publicity. CONFIDENTIAL & PROPRIETARY

11 Security Breach Remediation and Notification Expenses
What is covered? Cost of identifying the owner of the information that was accessed Cost of developing notification materials for affected persons Cost of mailing or other communication to affected persons Cost of 1 year of credit monitoring services for affected persons Cost of establishing a call center for use by affected persons Cost of complying with security breach notification laws Cost of purchasing an identity fraud insurance policy for affected persons CONFIDENTIAL & PROPRIETARY

12 Security Breach Remediation and Notification Expenses
Claim Example A large private university determined that their computer system had been breached and that 160,000 student, prospective student and alumni data records had been stolen. The costs of notification and investigation exhausted their limit and their insurance company paid 750k. CONFIDENTIAL & PROPRIETARY

13 CONFIDENTIAL & PROPRIETARY
Top 10 Data Breaches Between 2009 and 2016, the top 10 data breaches exposed anywhere from 50,000,000 to 191,000,000 records each. CONFIDENTIAL & PROPRIETARY

14 Security Breach Remediation and Notification Expenses
Current Format Dollar limit and retention that apply to notification expenses Same limit applies to forensic expenses as well Per Person Coverage Insurance company agrees to notify a certain number of people outside of the policy limit Separate dollar limit for forensic expenses CONFIDENTIAL & PROPRIETARY

15 Computer Program & Electronic Data Restoration Expenses
What is covered? Cost to restore, replace or reproduce damaged or destroyed computer programs, software, or other electronic data stored within a computer system. Claim Example An insured’s computer system was infected with a Cryptolock virus. The insured had outside vendors spend 60 hours removing the virus, restoring files and checking all servers for the virus. The total cost of the services was $27,000. CONFIDENTIAL & PROPRIETARY

16 Business Interruption
What is covered? Business income or extra expense resulting directly from an intentional attack of a computer system electronically transmitted or a computer virus. There are two forms of evolving coverage Contingent business interruption System Failure coverage CONFIDENTIAL & PROPRIETARY

17 CONFIDENTIAL & PROPRIETARY
Computer Fraud What is covered? Direct loss of money, securities or property from any intentional, unauthorized and fraudulent entry of data or computer instructions into an insured computer system. CONFIDENTIAL & PROPRIETARY

18 CONFIDENTIAL & PROPRIETARY
Funds Transfer Fraud What is covered? Direct loss of money, securities caused by an intentional, unauthorized and fraudulent instruction transmitted by electronic means to a Financial Institution. CONFIDENTIAL & PROPRIETARY

19 CONFIDENTIAL & PROPRIETARY
E-Commerce Extortion What is covered? Any money or securities paid as a demand to someone who has made a threat to transfer company funds, sell or disclose customer information, damage or destroy computer programs or data, introduce a computer virus or an intentional attack that depletes system resources. CONFIDENTIAL & PROPRIETARY

20 Rating and Underwriting of Cyber Coverages
Rating basis used is typically revenue of the organization Final price determined through an underwriting evaluation based on: Types of PII, and number of records Volume of time sensitive transitions made Internal controls (security) Industry being served Online presence (website and social media content) Risk transfer (contractual) Current cyber trends CONFIDENTIAL & PROPRIETARY

Download ppt "Cyber Insurance Overview"

Similar presentations

A GIA is a contract between a surety company and a contractor (or subcontractor)/principal. A GIA is a standard, typical document in the construction.

A GIA is a contract between a surety company and a contractor (or subcontractor)/principal. A GIA is a standard, typical document in the construction.
Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.

Property Inventory Valuation Replacement Cost Value The amount it would take to replace property with like property of the same quality and construction.
Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.

Insurance in the Cloud Ben Hunter, Canadian Underwriting Specialist Technology Insurance Specialty Chubb Insurance Company of Canada.
Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.

Presented at: Ctuit Software and Lathrop & Gage LLP Food & Hospitality Roundtable San Francisco, CA April 29, 2013 Presented by: Leib Dodell, Esq.
©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.

©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.

IS BIG DATA GIVING YOU A BIG HEADACHE? Risk Reduction - Transactional, International and Liability Issues Oregon State Bar Corporate Counsel Section Fall.
Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,

Cyber Insurance Today: Lots of Interest, Lots of Product Innovation, and Lots of Risk Richard S. Betterley, CMC Betterley Risk Consultants, Inc. Sterling,
Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.

Lockton Companies International Limited. Authorised and regulated by the Financial Services Authority. A Lloyd’s Broker. Protecting Your Business from.
Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved. 4025 W. Peterson Ave. Chicago, IL 60646-6085.

Forensic and Investigative Accounting Chapter 16 Cybercrime Loss Valuations © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL
Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.

Financial Institutions – Cyber Risk Managing Cyber Risks In An Interconnected World State Compensation Insurance Fund Audit Committee Meeting – February.
Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.

Presented by: Jamie Orye, JD, RPLU Beazley Group Pennsylvania Association of Mutual Insurance Companies Annual Spring Conference March 12, 2015.
Recent Trends and Insurance Considerations March 2015

Recent Trends and Insurance Considerations March 2015
2 3 4 5 6 www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.

Presented by: Paul J. Miola, CPCU, ARM Executive Director October, 2013.
BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius 4444 50% Hiscox 33 50% to May 2010, replaced.

BACKGROUND  Hawkes Bay Holdings/Aquila Underwriting LLP  Established 2009 utilising Lloyd’s capacity: Canopius % Hiscox 33 50% to May 2010, replaced.
Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.

Cyber Risk Enhancement Coverage. Cyber security breaches are now a painful reality for virtually every type of organization and at every level of those.
ICSA Professional Indemnity, Directors & Officers Insurance for Financial Institutions Magnus McGurk, Business Development Manager, SME Professional Lines.

ICSA Professional Indemnity, Directors & Officers Insurance for Financial Institutions Magnus McGurk, Business Development Manager, SME Professional Lines.
General Awareness Training

General Awareness Training
Managing Risk in Cloud Computing Contracts Henry Ward and Todd Taylor April 30, 2015.

Managing Risk in Cloud Computing Contracts Henry Ward and Todd Taylor April 30, 2015.

Similar presentations

Ads by Google