View
480
Download
2
Category
Tags:
Preview:
DESCRIPTION
Cyber liability training course delivered on behalf of the California Surplus Lines Association in May 2013 in San Francisco and Los Angeles.
Citation preview
Cyber LiabilityGraeme Newman, CFC Underwriting
“The Internet? We’re not interested.”
Bill Gates, Microsoft Founder, 1993
Percentage of Americanswho are online
Average number of hoursspent online each day
Number of years it took theInternet to reach 50 million users.It took radio 38 and television 13.
78%
4+4
Percentage of the world’spopulation now using Facebook16%
Number of US married couples who met online1 in 8
10 Things the Internet Has Killed or Ruined…
7. Nigeria’s Reputation
PCWorld.com
1,000,000,000,000,000,000
Bytes
1 Exabyte =
File storage through time…
The 1950s…
=1GB of information
The 1970s…
=2GB of information
Today…
=64GB of information(or 5,000 filing cabinets)
Ronnie BiggsThe Great Train Robbery, 1963
Albert GonzalesHeartland Hack, 2007
2011
1995
2000
2002 2007
2012
2009
2010
• Pure play internet business models• Privacy related regulations• High fraud / crime risk• Large customer bases• Storage of very sensitive data• High profile targets
• Blended online / offline• Storage of sensitive data• Highly connected• Heavy reliance upon systems
• Incidental exposure• Brochure websites• Office-based• Sensitive data
Social Networks
Banks
Hospitals Gambling
Travel Agents
Universities / CollegesRetailers
Movie Theaters
Charities
Accountants Recruitment Consultants
Logisitics
ManufacturingLawyers
Insurance Agents
High Risk
Medium Risk
Low Risk
Payment Processors
Energy / Utility Companies Hotels
Restaurants Medical Clinics
Public Entities
Financial Advisors
Airlines MSP / ASP / ISP
IT Consultants
DistributionArchitects Engineers
Quiz
Cyber & Privacy
CommercialGeneralLiability
ProfessionalLiability Crime
Property
ManagementLiability
“All animals are equal,but some are more equalthan others.”
George Orwell, Animal Farm
cyber policies
• Privacy liability
• Virus / hacking liability (cyber liability)
• IP infringement / defamation (media liability)
• Content liability / Errors & Omissions
• Privacy breach notification
• System damage
• Business interruption
• Cyber crime
• Brand protection / crisis management
Third party
liability
First party
loss
Virus / hacking (cyber) liability
Extends to cover contractors, vendors and hosting
providers
Covers a computer virus “in the wild”, not just specific
Avoid “other insurance” provisions
Privacy Liability
Avoid sub-limits for regulatory actions
Full worldwide jurisdictional cover
No contractual liability exclusion
Avoid hard-coded definitions of PII or sensitive data
Include cover for fines and penalties (where insurable)
Privacy breach notification
Full voluntary breach notification
Separate limit available for breach notification
24/7 expert claims response
Coverage for credit monitoring, forensic consultants, call center
Type of breach covered: paper / electronic, fault / no-fault
Multimedia liability
Ensure not restricted to just the insured’s website and
Cover for social media liability and “corporate” blogging
Cover for digital content, regardless of distribution
channel
Seek cover on an “all risks” basis (except patent)
System damage
“All risks basis” not just named perils
Avoid “security breach” trigger
Include staff overtime and additional cost of working
No exclusion for lack of risk management
Extends to cover perils at an outsourced or cloud
provider
Business interruption
Financial retention v time retention
Scope of perils covered
Extends to cover perils at an outsourced or cloud provider
At least a three month indemnity period
Coverage for contingent loss of future sales
Business interruption
Time
Revenue
Security Breach
Indemnity Period (max 3 months)
Contingent Period (max 12 months)
Direct Loss
Reputational Loss
Wait period
Cyber crime
Employee crime or third party crime
Cover for cyber threats and extortion
Third party theft of electronic funds
Cover for telephone hacking
Cover for phishing scams
Other key considerations
Retroactive date and cover for prior acts
“Pay on behalf of” v “Reimbursement” language
War and terrorism exclusions
Extent of encryption warranties
Risk management conditions
Future trends
Underwriting cyber
Underwriting cyber
Quiz
Security Breach: Hospital
Denial of Service: Hotel
“Spear-phishing”: Charity
Quiz
CFC Underwriting Ltd.
85 Gracechurch St
London EC3V 0AA
+44 (0) 207 220 8500
enquiries@cfcunderwriting.com
www.cfcunderwriting.com
www.technologyinsuranceblog.com
www.mediainsuranceblog.com
www.twitter.com/cfcunderwriting
www.linkedin.com/company/cfc-underwriting-ltd.
Contact us
Recommended