1 YOUR PRESENTER Anthony Dagostino Lockton Executive Vice - - PowerPoint PPT Presentation



slide-1
SLIDE 1

1

slide-2
SLIDE 2

YOUR PRESENTER

Anthony Dagostino Lockton Executive Vice President Global Cyber & Technology Practice Leader ADagostino@lockton.com

slide-3
SLIDE 3

Agenda

01 Cyber Facts 02 Cyber Insurance Basics 03 Claims 04 Best Practices 05 Lockton Cyber and Technology Practice

slide-4
SLIDE 4

Cyber Facts

General Information and Legal / Regulatory Landscape

slide-5
SLIDE 5

Cyber facts

  • 7.7B: WORLD POPULATION
  • 2.5B: MOBILE SUBSCRIBERS
  • $3.5B: COST OF CYBERCRIME IN 2019 (AS REPORTED TO THE FBI’S INTERNET CRIME COMPLAINT CENTER (IC3))
  • 10%-12%: ESTIMATES ARE THAT ONLY 10%-12% OF CYBERCRIME INCIDENTS ARE REPORTED TO IC3
  • $5.2T: COST OF CYBERCRIME BY 2025
  • $3.92M: AVERAGE COST OF DATA BREACH
  • 1.2B: PREDICTED INCREASE IN INTERNET USERS FROM 2019 TO 2025
  • 25,575 RECORDS: AVERAGE SIZE OF A DATA BREACH
  • 279 DAYS: AVERAGE LIFE CYCLE OF A BREACH
  • 43%: OF BREACHES AFFECT SMALL BUSINESS VICTIMS
  • 49%: OF C-LEVEL EXECUTIVES HAVE CYBERSECURITY ISSUES ON QUARTERLY BOARD AGENDAS
  • 4%: OF C-LEVEL EXECUTIVES HAVE CYBERSECURITY ON MONTHLY BOARD AGENDAS

slide-6
SLIDE 6

Cyber Facts

  • Every organization is at serious risk without new-school security awareness training.
  • With an average employee susceptibility of 29.6 percent, companies could be exposed to social engineering and phishing scams by more than a quarter of their workforce.
  • Any organization can strengthen security through staff training in as little as three months.
  • The power of a good training program is to instill anti-phishing behavior management and social engineering education in a rapid timeframe.
  • An effective security awareness training strategy can help accelerate results, especially for large organizations.
  • The struggle of some enterprise leaders to successfully implement security training effectively across the organization is not surprising. But it does indicate that leaders can set themselves up for success by assessing their goals and plotting an organizational strategy before rolling out training.

Sources: FBI Internet Crime Complaint Center, IBM, Gartner, Security Magazine, Accenture, Cisco, Nationwide and 2019 Phishing By Industry Benchmarking Report

  • 39 seconds: Frequency of hacker attacks
  • 67%: Increase in security breaches in the past five years
  • 68%: Don’t have cyber security insurance
  • 91%: Improvement in failure rate in organizations that actively engaged in 12 months of security awareness training and simulated phishing.

Key Takeaways

slide-7
SLIDE 7

The cybersecurity solution dilemma

slide-8
SLIDE 8

Legal and Regulatory Landscape

CCPA and other privacy regulations

  • What data are you collecting on consumers?
  • How is this being disclosed to consumers?

slide-9
SLIDE 9

Cyber Insurance Basics

Marketplace, Coverage, First and Third Party Coverage, Myths and Process

slide-10
SLIDE 10

The Marketplace

Sources: Lockton, AM Best

  • $5.5 Billion: Estimated gross written premium globally in 2020
  • $2.03 Billion: US gross written premium in 2018 based on filings
  • $450 Million: Capacity available in the London wholesale marketplace alone
  • ~ 200: Cyber Insurance Carriers we have a relationship with

slide-11
SLIDE 11

The Coverage

  • Notification, credit monitoring, call center
  • Media liability
  • Forensics, legal advice, public relations
  • Added expense
  • Privacy regulatory fines and penalties
  • PCI DSS fines and penalties
  • Privacy liability
  • Consequential reputational loss
  • Network and information security liability
  • Fraudulent wiring instructions
  • Business interruption
  • Cyber extortion
  • Dependent business interruption
  • Business interruption
  • Social engineering
  • Digital data restoration
  • Property business interruption and resulting physical damage

slide-12
SLIDE 12

A Deeper Dive – “First Party” Coverage

Breach response costs

  • Legal
  • Forensics costs
  • Mandatory notification costs (comply with security breach notification laws)
  • Voluntary notification costs
  • Call center
  • Credit monitoring and/or identity monitoring/insurance
  • Public relations/crisis management costs

Cyber extortion

  • Reasonable and necessary expenses incurred as a result of a ransom demand due to the threatened release of PII as a result of a breach of a computer system
  • Reasonable and necessary expenses incurred to prevent or end an attack against a computer system

Network business interruption

  • Loss of net income and extra expenses as a result of a security failure of the insured’s computer systems
  • Broader coverage available in the marketplace

Data restoration

  • Costs to restore or replace destroyed data as a result of a security failure of the insured’s computer systems
  • Broader coverage available in the marketplace

Reputational harm

  • Loss of net income as a result of clients deciding to no longer do business with the insured following a cyber event where data is lost or stolen
  • Components of reputational harm coverage can be found within business interruption insuring agreements

slide-13
SLIDE 13

A Deeper Dive – “Third Party” Coverage

Network Security Liability

  • Claim expenses and damages emanating from network and non-network security breaches

Privacy Liability

  • Claim expenses and damages emanating from violation of a privacy tort, law, or regulation

Privacy regulatory proceedings and fines

  • Claim expenses in connection with a privacy regulatory inquiry, investigation, or proceeding
  • Damages/fines (varies by market) Consumer Redress Fund
  • Privacy regulations fines and penalties

Payment card industry data security standards liability (PCI-DSS)

  • Fines, penalties, and assessments that are incurred as a result of a breach of contract with a card brand or payment processor
  • Assessments can include fraud assessments, card reissuance costs, etc.

Media Liability

  • Claim expenses and damages emanating from personal injury torts and intellectual property infringement (except patent infringement)
  • Claim expenses and damages emanating from electronic publishing (website) and some will provide coverage for all ways in which a company can utter and disseminate matter

slide-14
SLIDE 14

Debunking the Myths

slide-15
SLIDE 15

The Process

Assessment: What are the risks?

  • Risk discovery for insurance program design
  • Preparing for the underwriting submission
  • In-house loss control and risk consulting
  • Partnered technical solutions

Quantification: How big are the risks?

  • Data breach
  • Business interruption
  • Ransomware / malware
  • Loss of digital assets
  • Third party claims
  • Regulatory claims

slide-16
SLIDE 16

The Process

Getting a policy that works

  • Individually tailored insurance programs
  • Uniquely broad proprietary policy forms
  • Coverage gap analysis
  • Global carrier relationships and broader coverage provide clients with more options.

How much to buy

  • Loss modelling
  • Comparative benchmarking analysis

Coverage under other policies

  • Comprehensive risk protection programs with property, casualty, D&O, crime, and more.

Whether to insure

  • Dynamic capital modeling to evaluate whether buying cyber insurance is the most efficient use of capital

slide-17
SLIDE 17

Claims

Trends and Impact

slide-18
SLIDE 18

Sample incidents

MALWARE

An email purporting to be from your client is sent to one of your project managers, who clicks on the link. Unknown to your project manager or anyone else at your organization, the threat actor installs malware onto your systems. Your project manager thinks nothing of it and deletes the email. Everyone goes back to business and work routines. Four months later, you come into the office and try to turn on your computer, and there is a message stating that your computer has been locked and you will need to pay $575,000 to obtain the encryption keys.

SOCIAL ENGINEERING

An email purporting to be from your CEO is sent to your accounting department requesting that all your employees’ W-2s be sent to the CEO immediately. The accounting clerk sends an email back to the threat actor purporting to be the CEO, attaching all your employees’ W-2s.

PHYSICAL THEFT

Your company issues laptops to your employees so that they can work remotely, with clear instructions that no work materials should be saved on the desktop. Your employee is working on an important project and, to save time, stores several client health records on the desktop. After a long day working on the project, your employee goes out to dinner and leaves the laptop in the back seat of the car. The car is broken into, and the laptop is stolen.

FACTORS TO CONSIDER

MALWARE

  • How to get back up and operational?
  • What happened to cause the incident?
  • What are the notification obligations, if any?
  • Should this be reported to law enforcement?
  • How much are your business interruption losses?
  • What are the potential liability exposures of the company?

SOCIAL ENGINEERING

  • What happened?
  • What steps are necessary to contain the incident?
  • What steps are necessary to mitigate the incident?
  • What are the notification obligations, if any?
  • What are the potential liability exposures of the company because of the incident?

PHYSICAL THEFT

  • Is the laptop encrypted?
  • Is there the ability to wipe the laptop remotely?
  • What information on the laptop is potentially accessible by a threat actor?
  • What are the notification obligations, if any?
  • Has a police report been filed?
  • What are the potential liability exposures of the company because of the incident?

slide-19
SLIDE 19

Claims Trends

Sources: ABA Benchmarking and Survey Research 2017 BANK INSURANCE SURVEY REPORT

Vendor Management

Claims activity is up and the main trend is issues with vendors; heavy reliance on outside vendors for all tech services can lead to substantial revenue loss if a critical vendor goes down.

Ransomware Events

Demands are increasing in size, and attack techniques are becoming more sophisticated and successful. Depending on the strain of ransomware, resulting business interruption income loss and a duty to notify compromised individuals are common.

Proactive Conversation

We have seen a revenue loss of $1M from 5 days of missed ACH fees. Establish proper vendor management and redundancies to prevent loss of revenue from an outage at a critical vendor.

Tech Errors and Omissions

Many larger companies have started developing or acquiring apps and other software and commercializing them, which creates a new exposure.

89% of Survey Respondents

Reported carrying Cyber Security/Privacy insurance.

slide-20
SLIDE 20

Ransomware

Sources: Beazley Breach Briefing 2020

54% of Losses

Attributed to Hack or Malware in 2019 across industries

13% of Losses

Attributed to Ransomware in 2019

131% Increase

Rate of Ransomware incident increase since last year

11%

Of incidents result from Ransomware in Financial Institutions

slide-21
SLIDE 21

Best Practices

How to prepare for Cyber attacks

slide-22
SLIDE 22

What you can do to safeguard

slide-23
SLIDE 23

Sources: FBI Internet Crime Complaint Center, IBM, Gartner, Security Magazine, Accenture, Cisco, Nationwide

Our practice

  • 50+: Associates across the globe dedicated to cyber and technology risk advisory
  • 96,000+: Cyber claims in our database of Lockton and third-party sources
  • 3,000+: Cyber and technology insurance clients
  • 200+: Cyber insurance carriers we have relationships with

slide-24
SLIDE 24

THANK YOU FOR JOINING US!

  • Randy Wilborn | Regions, Vice President and Senior Product Manager, Treasury Management Division, Randy.Wilborn@Regions.com
  • Norman Comstock | UHY Consulting, Managing Director, Information Technology Expert, ncomstock@uhy-us.com
  • Anthony Dagostino | Lockton, Executive Vice President, Global Cyber & Technology Practice, ADagostino@lockton.com

Thank you for joining us for this cybersecurity series! We hope that you have come away with valuable tools to safeguard your company. Feel free to reach out to any of our speakers for more information.