Cyber Insurance 101 - Black Hat Briefings
TRANSCRIPT
Cyber Insurance 101 FOR SECURITY PROFESSIONALS
JEFFREY SMITH Cyber Risk Underwriters
KEY TAKEAWAYS
Common Ground; Value Proposition; What's Included & What's Not; Calculating Claims Costs; Market Intel
CYBER INSURANCE 101: FOR SECURITY PROFESSIONALS
Cyber Insurance 101
Q: Cyber Insurance or InfoSec?
"It's scary and confusing...but at least it's boring..." - CFO, Healthcare Services Provider, 2019
A: Yes
CEO: "Last time I saw you, I gave you money for more security"
CISO: "We've been hacked!"
"Jeffrey, slow down. I didn't understand a word you said" - Robert "@RSnake" Hansen, 2017
Cyber Insurance Value Proposition
OUTSIDE PERSPECTIVE: Free second look under the hood can validate existing security efforts
IMMEDIATE SUPPORT: Access to vetted legal, forensics, notification and other related experts who know how to resolve problems
FINANCIAL RECOVERY: Reputation management, lost income, fines & penalties, and credit monitoring
GET BACK TO BUSINESS: Continued legal and financial support as well as security tools to augment your existing efforts
Cyber Insurance: What is it?
INSURANCE CONTRACT: Stand-alone policy or endorsed to other business insurance policies such as property, medical malpractice, and crime
DISTRIBUTION: Primarily via property & casualty insurance agents and brokers
WARRANTIES & CHANNEL: Also used to back security vendor warranties and MSSP offerings
Cyber Insurance: Product Offering
FIRST PARTY COVERAGE: Your stuff
THIRD PARTY COVERAGE: Liability claims brought by a third-party
SERVICES: Vetted vendors & evolving security services
Cyber Insurance: "First-Party" Remedies
Your Direct Expenses
BREACH RESPONSE: Incident Response; Legal Expenses; Notification; Forensics; Public Relations; Credit Monitoring; Post Breach Remediation
CYBER CRIME: Extortion; Funds Transfer Fraud; Phishing; Telecom Fraud
BUSINESS INTERRUPTION: System Interruption; Dependent System Interruption; Reputational Damage; Net Income & Expenses; Data Recovery
OTHER STUFF: Hardware; Court Attendance; Reward Expenses; Cryptojacking; Claims Preparation
Cyber Insurance: Third-Party Coverage
Legal Defense and Indemnity
SECURITY & PRIVACY: Defense & Damages; Assumed Under Contract; Malware Transmission; Unauthorized Release of PHI/PII
REGULATORY DEFENSE: Regulatory Defense; Compensatory Awards; Fines & Penalties; Federal, State, Local or Foreign; Insurable by Law
PCI-DSS LIABILITY: Defense & Damages; Assessments; Fines; Penalties
MULTIMEDIA LIABILITY: Electronic & Written; Libel, Slander & Disparagement; Infringement: Copyright, Domain Name, Trademark; Plagiarism
Cyber Insurance: Insurer Services
Vetted Response & Recovery
Legal; Incident Response/Forensics; Notification & Credit Monitoring; Forensic Accounting; Public Relations
Claim & Services Timeline
Breach Report & Evaluation: Breach coach; IT Forensics; Claim legitimacy; Legal and regulatory; Engage other resources
Managing Short-Term Crisis: Notification; Credit monitoring; Public relations; Data recovery
Managing Long-Term Consequences: Loss of income; Brand Management; Legal Defense; Class Actions; Regulatory fines & penalties
Mitigation Tools & Consultation: Training; Phishing simulations; Domain protection; Network monitoring; Patch management; Password management; Legal/PR & security consulting
Coverage Limitations
Coverage limitations include policy exclusions but are also buried in conditions and definitions....
Limitations: Typical Exclusions
INSURED ELSEWHERE: Anti-Trust; Bodily Injury & Property Damage*; IP/Patent Infringement; Management Liability
UNINSURABLE: Nuclear; War*/Terrorism*; Core Internet Infrastructure Failure; Utility Power Failure*; Domain Revocation
AGAINST PUBLIC POLICY: Intentional Acts of Senior Executives; Sanctions; Criminal Acts; Fines & Penalties Not Insurable By Law
OTHER: Outside Policy Period; Contractual*; Betterment*; Technology E&O*; Government Orders
Limitations: Conditions & Definitions
To name a few...
Representations & Warranties; Reporting Provisions; In The Event of a Claim; Retentions and Wait Periods
Courtesy of At-Bay Insurance
How Much Do We Need?
Scenario 1
Courtesy of At-Bay Insurance
How Much Do We Need?
Scenario 2
STATE OF THE MARKET 2019
"The cyber insurance market continues to grow and underwriting performance in this sector remains strong. As well as things are going, there are challenges, with uncertainty around pricing being just one. Underwriting business interruption remains difficult. Also, the threat that insurers are most worried about remains a systemic event that could cause extensive losses and jeopardize a cyber insurer's solvency."
- AM BEST
Cyber Insurance Market
Evolving and competitive
1% of business insurance premiums
Some 200 insurers providing coverage but only about 20 serious players
Two distinct markets: Enterprise & SME
Take up rates difficult to measure but under 50%