Embed Size (px)
DESCRIPTION
arm
Citation preview
Cyber Risks
OVERVIEW
• Exposures • Stakeholders • Assessment • Prevention Strategies
TERMS
• Cyber • Data Breach • Denial of Service • Virus
CYBER FACTS
A hacker can operate from anywhere in the world. Organized crime rings operate worldwide 24/7.
What DATA is at stake?
• Personal Identifiable Information – Driver’s License – Birth Date – Social Security Number – Financial Account Numbers – Credit Card Numbers – Personal Health Information
• Financial Information • Proprietary Information and Business Secrets
CYBER FACTS A breach can also result from:
• REGULAR E-‐MAIL • ACCIDENTAL E-‐MAIL • IMPROPER DISPOSAL • Laptop • Mobile Device
Where is the Danger?
Are the Risks REAL?
563,656,459 • 50% have 1,000 employees or less • 26% were on companies with 11 to 100 employees
Compliance Law
As of September 1, 2012, only Alabama, Kentucky, New Mexico and South Dakota have no laws related to security breach notification
How Much Does a Data Breach Cost?
The average cost of a data breach in 2012 was:
$194 per lost customer record ($80 notifications + $114 lost business)
Additional Costs 1. Public relations 2. Technology changes and staff retraining 3. Reward expenses 4. Extortion demands 5. Replacing stolen funds or securities 6. Compliance Fines and Fees
STAKEHOLDERS
Administration
• Needs to communicate that cyber security is a priority
• Empower IT to find and implement solutions organization wide – Support financially – Listen to IT’s concerns and recommendations – Facilitate business process changes
• Demand accountability
Information Technology
• Security needs to be a priority • Understand their own abilities and
limitations • Need to be open to and value external
audit
ASSESSMENT
Assessment
• The Cyber Liability Application • Information Security Self-Assessment • Information Technology Audit
PREVENTION STRATEGIES
Prevention Strategies
• Implement Policies • Train Employees • Implement Encryption • Backup • Updates and Patches • Content Controls
Solutions
• Assess Risks • Prevention Policies and Plans • Cyber Liability Insurance
Examples of Gaps in Insurance Programs
Property General Liability
Professional Liability Execu@ve Risk Cyber
Insurance 1st Party Physical Damage to Data Virus/Hacker damage to Data Denial of Service ACack B.I. Loss from IT security Breach IT ExtorHon or Threat 3rd Party TheI/Disclosure of Data AdministraHon Privacy Breach Technology E&O Media Liability (electronic content) Privacy breach expense/noHficaHon Damage to 3rd party data Regulatory Privacy Defense Fines
Coverage Provided Limited Coverage
No Coverage
Overview • Exposures • Stakeholders • Assessment • Prevention Strategies
Contact your Account Executive Questions?
Sources
• State Data Security Breach Notification Laws, Mintz Levin, October 1, 2012 • 2012 US Cost of Cyber Crime Study, Ponemon Institute, October 2012 • Secure Data Seminar, Apogee Insurance Group, September 29, 2011 • I have a Data Breach webinar, OneBeacon Professional Insurance, March 20, 2012 • How will you survive a Data Security Breach, Chubb Group of Insurance Company,
Brochure, www.chubb.com • How much does a Data Breach Cost, Sendinc.com blog, September 17, 2012 • Cyber Liability Insurance FAQs, Madison Risk & Insurance Services,
www.cyberliability.com • Data Protection and Breach Notification Compliance Law, www.vormetric.com • Threat Activities Trends, www.symantec.com
THIS POWER POINT PRESENTATION AND ANY MATERIALS DISTRIBUTED ARE FACT BASED GENERAL INFORMATION AND SHOULD NOT, UNDER ANY CIRCUMSTANCES, BE CONSIDERED SPECIFIC LEGAL ADVICE REGARDING A PARTICULAR MATTER OR SUBJECT. PLEASE CONSULT YOUR LOCAL ATTORNEY OR RISK MANAGER IF YOU WOULD LIKE TO DISCUSS HOW A LOCAL JURISDICTION DEALS WITH ANY SPECIFIC CIRCUMSTANCES YOU MAY BE FACING.
