Cyber Risks

OVERVIEW

Exposures
Stakeholders
Assessment
Prevention Strategies

TERMS

Cyber
Data Breach
Denial of Service
Virus

CYBER FACTS

A hacker can operate from anywhere in the world.

Organized crime rings operate worldwide 24/7.

What DATA is at stake?

Personal Identifiable Information

Drivers License
Birth Date
Social Security Number
Financial Account Numbers
Credit Card Numbers
Personal Health Information

Financial Information
Proprietary Information and Business Secrets

CYBER FACTS
A breach can also result from:
REGULAR E-MAIL
ACCIDENTAL E-MAIL
IMPROPER DISPOSAL
Laptop
Mobile Device

Where is the Danger?

Are the Risks REAL?

563,656,459

50% have 1,000 employees or less

26% were on companies with 11 to 100 employees

Compliance Law

As of September 1, 2012, only Alabama, Kentucky, New Mexico and

South Dakota have no laws related to security breach notification

How Much Does a Data Breach Cost?

The average cost of a data breach in 2012 was:

$194 per lost customer record

($80 notifications + $114 lost business)
Additional Costs
1. Public relations
2. Technology changes and staff retraining
3. Reward expenses
4. Extortion demands
5. Replacing stolen funds or securities
6. Compliance Fines and Fees

STAKEHOLDERS

Administration
Needs to communicate that cyber
security is a priority
Empower IT to find and implement
solutions organization wide
Support financially
Listen to ITs concerns and recommendations
Facilitate business process changes

Demand accountability

Information Technology
Security needs to be a priority
Understand their own abilities and
limitations
Need to be open to and value external
audit

ASSESSMENT

Assessment
The Cyber Liability Application
Information Security Self-Assessment
Information Technology Audit

PREVENTION STRATEGIES

Prevention Strategies

Implement Policies
Train Employees
Implement Encryption
Backup
Updates and Patches
Content Controls

Solutions
Assess Risks
Prevention Policies and Plans
Cyber Liability Insurance

Examples of Gaps in Insurance Programs

Physical Damage to Data
Virus/Hacker damage to Data
Denial of Service ACack
B.I. Loss from IT security Breach
IT ExtorHon or Threat
TheI/Disclosure of Data
AdministraHon Privacy Breach
Technology E&O

Professional
Cyber
Execu@ve Risk
Liability
Insurance

Media Liability (electronic content)

Privacy breach expense/noHcaHon

Damage to 3rd party data

Regulatory Privacy Defense Fines

1st Party




3rd Party

General
Liability

Property

Coverage Provided
Limited Coverage
No Coverage

Overview

Exposures
Stakeholders
Assessment
Prevention Strategies

Contact your Account Executive

Questions?

Sources

State Data Security Breach Notification Laws, Mintz Levin, October 1, 2012

2012 US Cost of Cyber Crime Study, Ponemon Institute, October 2012

Secure Data Seminar, Apogee Insurance Group, September 29, 2011

I have a Data Breach webinar, OneBeacon Professional Insurance, March 20, 2012

How will you survive a Data Security Breach, Chubb Group of Insurance Company,
Brochure, www.chubb.com

How much does a Data Breach Cost, Sendinc.com blog, September 17, 2012

Cyber Liability Insurance FAQs, Madison Risk & Insurance Services,

www.cyberliability.com

Data Protection and Breach Notification Compliance Law, www.vormetric.com

Threat Activities Trends, www.symantec.com

THIS POWER POINT PRESENTATION AND ANY MATERIALS DISTRIBUTED ARE FACT BASED
GENERAL INFORMATION AND SHOULD NOT, UNDER ANY CIRCUMSTANCES, BE CONSIDERED
SPECIFIC LEGAL ADVICE REGARDING A PARTICULAR MATTER OR SUBJECT. PLEASE CONSULT
YOUR LOCAL ATTORNEY OR RISK MANAGER IF YOU WOULD LIKE TO DISCUSS HOW A LOCAL
JURISDICTION DEALS WITH ANY SPECIFIC CIRCUMSTANCES YOU MAY BE FACING.