Your SlideShare is downloading. ×
Cyber Liability Insurance
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Cyber Liability Insurance


Published on

Cyber liability training course delivered on behalf of the California Surplus Lines Association in May 2013 in San Francisco and Los Angeles.

Cyber liability training course delivered on behalf of the California Surplus Lines Association in May 2013 in San Francisco and Los Angeles.

Published in: Economy & Finance

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Cyber LiabilityGraeme Newman, CFC Underwriting
  • 2. “The Internet?We’re not interested.”Bill Gates, Microsoft Founder, 1993
  • 3. Percentage of Americanswho are onlineAverage number of hoursspent online each dayNumber of years it took theInternet to reach 50 million users.It took radio 38 and television 13.78%4+4Percentage of the world’spopulation now using Facebook16%Number of US marriedcouples who met online1 in 8
  • 4. 10 Things the Internet Has Killed or Ruined…7. Nigeria’s
  • 5. 1,000,000,000,000,000,000Bytes1 Exabyte =
  • 6. File storage through time…The 1950s…=1GB of information
  • 7. The 1970s…=2GB of information
  • 8. Today…=64GB of information(or 5,000 filing cabinets)
  • 9. Ronnie BiggsThe Great Train Robbery, 1963
  • 10. Albert GonzalesHeartland Hack, 2007
  • 11. 20111995200020022007201220092010
  • 12. • Pure play internet business models• Privacy related regulations• High fraud / crime risk• Large customer bases• Storage of very sensitive data• High profile targets• Blended online / offline• Storage of sensitive data• Highly connected• Heavy reliance upon systems• Incidental exposure• Brochure websites• Office-based• Sensitive dataSocialNetworksBanksHospitals GamblingTravel AgentsUniversities / CollegesRetailersMovie TheatersCharitiesAccountants Recruitment ConsultantsLogisiticsManufacturingLawyersInsurance AgentsHigh RiskMedium RiskLow RiskPayment ProcessorsEnergy / Utility Companies HotelsRestaurants Medical ClinicsPublic EntitiesFinancial AdvisorsAirlines MSP / ASP / ISPIT ConsultantsDistributionArchitects Engineers
  • 13. Quiz
  • 14. Cyber & PrivacyCommercialGeneralLiabilityProfessionalLiabilityCrimePropertyManagementLiability
  • 15. “All animals are equal,but some are more equalthan others.”George Orwell, Animal Farmcyber policies
  • 16. • Privacy liability• Virus / hacking liability (cyber liability)• IP infringement / defamation (media liability)• Content liability / Errors & Omissions• Privacy breach notification• System damage• Business interruption• Cyber crime• Brand protection / crisis managementThird partyliabilityFirst partyloss
  • 17. Virus / hacking (cyber) liabilityExtends to cover contractors, vendors and hostingprovidersCovers a computer virus “in the wild”, not just specificAvoid “other insurance” provisions
  • 18. Privacy LiabilityAvoid sub-limits for regulatory actionsFull worldwide jurisdictional coverNo contractual liability exclusionAvoid hard-coded definitions of PII or sensitive dataInclude cover for fines and penalties (where insurable)
  • 19. Privacy breach notificationFull voluntary breach notificationSeparate limit available for breach notification24/7 expert claims responseCoverage for credit monitoring, forensic consultants, call centeType of breach covered: paper / electronic, fault / no-fault
  • 20. Multimedia liabilityEnsure not restricted to just the insured’s website andemailCover for social media liability and “corporate” bloggingCover for digital content, regardless of distributionchannelSeek cover on an “all risks” basis (except patent)
  • 21. System damage“All risks basis” not just named perilsAvoid “security breach” triggerInclude staff overtime and additional cost of workingNo exclusion for lack of risk managementExtends to cover perils at an outsourced or cloudprovider
  • 22. Business interruptionFinancial retention v time retentionScope of perils coveredExtends to cover perils at an outsourced or cloud providerAt least a three month indemnity periodCoverage for contingent loss of future sales
  • 23. Business interruptionTimeRevenueSecurity BreachIndemnity Period (max 3 months)Contingent Period (max 12 months)Direct LossReputational LossWait period
  • 24. Cyber crimeEmployee crime or third party crimeCover for cyber threats and extortionThird party theft of electronic fundsCover for telephone hackingCover for phishing scams
  • 25. Other key considerationsRetroactive date and cover for prior acts“Pay on behalf of” v “Reimbursement” languageWar and terrorism exclusionsExtent of encryption warrantiesRisk management conditions
  • 26. Future trends
  • 27. Underwriting cyber
  • 28. Underwriting cyber
  • 29. Quiz
  • 30. Security Breach: Hospital
  • 31. Denial of Service: Hotel
  • 32. “Spear-phishing”: Charity
  • 33. Quiz
  • 34. CFC Underwriting Ltd.85 Gracechurch StLondon EC3V 0AA+44 (0) 207 220 us