Cyber Risk Management in the New Digitalisation Age - Mitigating Risk with Cyber Insurance

Presentation slides from a webinar on 11th Dec 2020 by Elsa Xu, Financial Lines Manager, Chubb Singapore.


  1. 1. Ignorance is Risk CYBER INSURANCE
  2. 2. Common Misconceptions About Cyber Insurance: “My company is not exposed to cyber attacks”; “We outsource so I have no risk”; “Cyber attacks are only a problem for big companies”; “Cyber Insurance is too expensive, I have no budget”.
  3. 3. Chubb’s Global Cyber Practice: years of experience writing cyber insurance; countries with cyber policies; cyber claims handled; Chubb employees in the global cyber practice; million individuals notified following privacy breach.
  4. 4. Too small to fail? Types of Cyber incidents experienced by Companies
  5. 5. Chubb’s Reported Incidents by Industry Over the Last Decade
  6. 6. Chubb’s Three Year Average Cost of First Party Expenses following a cyber event. Chart categories as listed on the slide: Legal Costs, Forensics, Notification/Call Center, Credit Monitoring, PR/Crisis Response. Chart values as listed on the slide: $29,830, $191,544, $74,337, $56,879, $27,423. 63% of Chubb’s reported incidents are less than 100 compromised records.
  7. 7. Chubb’s Exposure Statistics by Triggers Over the Last Decade: Human Error, 24%; Hack, 19%; Privacy Violations, 19%; Lost/Stolen Devices, 15%; Phishing, 13%; Malware, 7%.
  8. 8. “I’ve got nothing they want” (Source: Symantec 2019). Item and cost:
      ▪ Fake ID, Driver's License, Passport: $25 to $5,000
      ▪ Hacked email accounts: $1 to $15
      ▪ Scans of Real Passports: $1 to $35
      ▪ Custom Malware (e.g. banking trojans): $5 to $200
      ▪ Cash redirector service: $5 to 1% of value
      ▪ Stolen Cloud Accounts: $2 to $12
      ▪ Ransomware toolkit: $0 - $250
  9. 9. Cyber Claims Examples and Incident Response Platform
  10. 10. Cyber Enterprise Risk Management Case Study 1: Ransomware attack
      The Insured is a company operating in the advertising industry, with an annual revenue of $30 million.
      Day of Incident: During the weekend, a malicious file infected the company's servers and all files including artwork, historic and current project data were affected. The Insured reported the incident, and spoke to the Incident Response Manager on the same day. An IT forensics firm was deployed immediately.
      With the servers down, the Insured was unable to fulfil their clients’ orders. Business interruption loss was estimated to cost over $250,000 a day. The hacker demanded a ransom to decrypt each server, with the ransom amount increasing if payment was not made within 2 days.
  11. 11. Chubb's Incident Response Team assisted the Insured with a mitigation strategy by identifying less business-critical servers that could be restored from backups, and negotiating the ransom amount to release business-critical servers.
      3 Days from Incident: The response team removed the ransomware from the affected servers, allowing the company to operate at 70% of typical capacity. The response team also engaged a crisis management firm to assist with client communications.
      10 Days from Incident: 100% of operations restored. The IT forensics firm provided an incident report to the Insured, with recommendations to improve cyber security and prevent future incidents. Legal advisors assisted the Insured with the filing of a formal criminal complaint as well as other regulatory documentation.
  12. 12. This cyber incident was reported through Chubb's 24/7/365 Cyber Alert mobile application, and the following stakeholders were activated to provide a holistic response to the Insured's cyber incident. Diagram labels: Legal and Regulatory Advice; IT Forensics; Crisis Management Firm; Forensic Accounting; Report Incident; Cyber Alert; Incident Response Manager.
  13. 13. Case Study 2: Ransomware Attack, infected local drives
      Client Profile: Location: Singapore; Industry: Construction; Revenue: S$5 million.
      Description of Event: A construction company that outsourced its IT operations suffered a ransomware attack because an employee clicked a malicious email link, causing the company’s customer and project data to be encrypted. The ransomware infected local hard drives and data that was backed up online. Without access to the digital records, the company could not operate its business as usual. Due to the failed attempts to negotiate with the extortionist, additional costs were incurred to re-construct and re-enter customer project records. This resulted in significant downtime and major loss incurred to the business.
      Coverage Triggers: Ransomware, Incident Response Expenses, Data Asset Loss, Business Interruption.
  14. 14. Case Study 3: Laptop Stolen Results In Invasion of Privacy
      Client Profile: Location: Singapore; Industry: Energy Firm; Revenue: S$20 million; Number of Employees: 100.
      Description of event: An energy company executive’s laptop was stolen from a corporate vehicle. The laptop contained significant private customer and employee information. Although the file was encrypted, the overall password protection on the laptop was weak and the PIN for accessing the encrypted information was compromised.
      Resolution: After assessing the nature of the information on the laptop with a forensic expert and outside compliance counsel at a cost of $50,000, the energy company voluntarily notified relevant customers and employees and afforded call centre, monitoring, and restoration services, as appropriate. While the additional first-party cost was $100,000, the energy company also incurred $75,000 in expenses responding to a multi-state regulatory investigation. Ultimately, the company was fined $100,000 for deviating from its publicly stated privacy policy.
      Coverage triggers: Incident Response Expenses, Data Asset Loss, Privacy Liability, Business Interruption, Recovery Costs, Regulatory investigation, Potential Payment Card Loss.
  15. 15. Case Study 4: Unauthorised Access - Employee Accesses HR Site, Sells Personal Information (December, 2020)
      Client Profile: Location: Singapore; Industry: Professional Services Firm; Revenue: S$7.5mil.
      Description of event: A rogue employee accessed the human resource platform of a professional service provider. The employee acquired and sold social security information on the black market before being apprehended by law enforcement. Thereafter, several cases of identity theft were perpetrated against the professional service provider’s employees.
      Resolution: The professional service provider engaged a forensics investigator and outside compliance counsel. It also notified employees of the breach, established a call centre, and provided monitoring and restoration services to impacted employees.
  16. 16. Case Study 5: Human Error (November 25, 2020)
      Client Profile: Location: Hong Kong; Industry: Hospitality; Revenue: US$150k - US$200k.
      Situation:
      • The Insured outsources its data hosting to a third party company.
      • One evening, before heading home, an engineer at the hosting location turned off the Insured’s firewall, by accident.
      • The firewall remained turned off for a little over 12 hours, causing a number of servers to malfunction, which led to discovery of the error.
      Activation:
      • The Insured’s broker notified Chubb directly.
      • The Insured provided a project brief outlining the work that had to be done (including forced shutdown to isolate the potential areas of damage, installation and migration to a new host and determining the extent of any malware attack).
      • They sought Chubb’s assistance with identifying a suitable vendor and agreement to the brief/budget.
  17. 17. Response & Coverage
      Chubb acknowledged notification from broker immediately, and advised next steps. Following a sweep, it was found that no malware had been introduced. Focus was on restoring the data lost due to the malfunctioning servers, which data was restored mainly via the Insured’s backup server. Insured chose to use their own legal vendor to assist with regulatory compliance requirements, including notification of the incident to the authorities.
      Policy responded to cover:
      • Incident Response Expenses
      • Data & System Recovery costs
  18. 18. Chubb’s Cyber Incident Response Platform. Call our Hotline: 24/7/365, guaranteed response. Clients report a cyber event using any of the following methods
  19. 19. Insurance Coverage. There are first party and third party covers. Section labels on the slide: First Party; Third Party.
      • Data and System Recovery **: Increased cost of work and other costs to recover data, repair or restore software, identify and remove malware, and to recover business operations. Triggered by Business Interruption Incident.
      • Business Interruption **: Covers loss of net profit and continuing operating and payroll expenses. Triggered by Business Interruption Incident.
      • Cyber Extortion: Covers a cyber extortion payment and the cost to hire a crisis negotiation specialist. Triggered by Cyber Extortion.
      • Privacy & Network Security Liability **: Defence and damages for claims arising from: duty to maintain confidentiality of personal or corporate information; duty to maintain a secure network for third parties.
      • Media Liability **: Defence and damages for claims arising from improper online media activity.
      • Incident Response: Costs to mitigate any cyber incident: Incident Response Manager; IT Forensics; Legal Advice; Notification; Fraud Restoration; Call Centre; Public Relations.
  20. 20. To be insured, or not?
      • 59% do not fully understand the insurance solutions available.
      • 62% have never purchased cyber insurance before or after an incident.
      The role of Insurance
      • 53% would value having a hands-on response service.
      • 54% would value the ability to identify and minimise the impact of a cyber incident.
  21. 21. Chubb. Insured.