Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (15)
Similar to Cyber insurance (linked in) the basics (tcic)
Similar to Cyber insurance (linked in) the basics (tcic) (20)
Recently uploaded
Recently uploaded (20)
Cyber insurance (linked in) the basics (tcic)
- 1. CYBER RISKS & CYBER INSURANCE The Cyber Insurance Consultancy Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 2. ‘CYBER’ – WHERE DID IT COME FROM? First coined from Mathematics Professor Norbert Wiener in 1948. Ground breaking account of various systems that led and influenced AI and complex systems. “Cyber” itself is derived from a Greek term meaning ‘steersman’ or ‘governor’ Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 3. A BRIEF HISTORY OF CYBER TIME First policies bound in the US in the late 1990’s Low product evolution due to Y2K and 9/11 2016 - US – Mature UK/Europe – Growing Asia/AU and NZ – Emerging 2008 – Cyber Premiums in region of $500m Circa. 2000 – First Betterley Report on Cyber Insurance 2020 – Global GWP Estimated at $7.5bn to $15bn Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 4. WHY BUY CYBER INSURANCE? • Privacy Legislation including the Australian Privacy Principles (APPs) • Forms part of an effective risk management framework • PCI-DSS obligations • Ubiquitous exposure - IoT • Lack of coverage within traditional insurance programs • Potential for system vulnerabilities • Benefits of accessing expertise when it is needed • Bad guys attack weaknesses not strengths Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 5. GREAT NEWS !! – YOU HAVE THE SKILLS TO SELL As an Insurance Professional, you already have risk transfer knowledge. Risk considerations and exposures associated with Cyber are very similar to those that businesses already face. Quite simply, a business faces the impact of a Cyber event on their operations and revenue. In addition to first party exposures they have to third parties (customers primarily). In line with tradition, there will be costs and expenses associated with managing impact: - including increased costs of working - business interruption - defence costs - investigation costs - other expenses such as expert services. Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 6. CYBER….YOUR FAMILIAR BUT NEW RISK Fire Damage Business Interruption Event Expenses Third Party Actions E-mail attachment contained the Virus Virus Attack Applications and Data Damage 3 weeks to reconstitute data and 3 months to recover BI Systems & Data recovery experts, Customer comms. Event Expense Customers bring action following exposure of PII Third Party Actions Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 7. CYBER COVERAGE BI Cost to replace, restore (data) from network breach Costs of extortion monies and expenses Business Interruption – loss of income and extra expenses Identity theft Breach of Privacy Failure to protect confidential data Transmission of spyware, viruses & code Notification costs incurred Regulatory Defence costs PR and Crisis Management costs Fine and Penalties 1st Party 3rd Party Costs Damage Event Expense TPAs Event Expense Event Expense Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 8. RISK TRANSFER OR COVER GAP? TRADITIONAL PROGRAM COVERS Versus COVERAGE SHORTFALLS Unlikely that policies will provide cover for data breaches Typically require physical loss or damage and may specifically exclude electronic data Would usually only respond to actions bought against D&Os for ‘Wrongful Act’ Cover is not usually afforded for information/data breaches (unless part of ‘Professional Services) Most Cyber extensions are only as effective as the underlying policy trigger GL D&O /ML PROP PI/ E&O EXTS. Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 9. LOSS SCENARIOS: LOST LAPTOP A laptop which is used by a number of employees is left in a coffee shop in the Sydney CBD. It cannot be located. The Laptop contains 25,000 customers records including names, addresses and banking information. RANSOMWARE A business owner opens their first e-mail of the day.The opening line reads “Your data has been locked by us”. The content is clear, there is a threat that the company data will be erased unless a ransom of 250 Bitcoins is paid. SYSTEMVULNERABILITY Personal and financial information has been obtain via security weaknesses in a computer system. Over 250,000 identities implicated. The Insured was made aware of the breach/es by the Federal Police and immediate cessation of operations is required. Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 10. SCENARIO 1 A company laptop has been left in a coffee shop in the Sydney CBD. It cannot be located. The Laptop contains 25,000 customers records including names, addresses and banking information. LOST LAPTOP Most policies will cover the costs of recovering data (but usually only as a result of a ‘virus’ attack). Policies do not typically cover physical property and the laptop should be insured under a property policy 1st Party Most policies will provide cover for actions bought against the insured for breach or privacy or for damages as a result of personal information impacting a third party e.g. credit history black marks. 3rd Party • Notifying customers of breach • Costs of monitoring credit reports • Defence costs in respect of third party claims or regulatory investigation/action Costs Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 11. SCENARIO 2 Business owner opens an e-mail.The opening line reads “Your data has been locked by us”. There is a threat that the company data will be erased unless a ransom of 250 Bitcoins is paid. RANSOM Extortion threats are usually covered under market forms including the payment of monies to release or prevent data damage. However, the recommendation is that no payment is made, as monies demanded can increase and there is no guarantee that data will be left untouched 1st Party In the event that any PII or PHI is exposed then most policies will respond to actions bought by third parties and/or regulatory authorities 3rd Party • Costs of monitoring credit reports • Investigation and virus removal costs • Defence costs in respect of third party claims or regulatory investigation/action Costs Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au
- 12. SCENARIO 3 Personal and financial information has been obtain via a weaknesses in a computer system. Over 250,000 identities implicated. Federal Police advised insured of the breach and immediate cessation of operations is required. SYSTEM VULNERABILITY Should the investigation result in a material impact to the operations of the business preventing them from operating, some policies do make provision for impact on profit or revenue 1st Party In the event that any PII or PHI is exposed then most policies will respond to actions bought by third parties and/or regulatory authorities. 3rd Party • Costs of monitoring credit reports • Investigation and virus removal costs • Defence costs in respect of third party claims or regulatory investigation/action Costs Chris Stallard – Chief Insurance Imagineer chris@zemstarinsurance.com.au