Cyber Risks

Question 1

What covers are available for cyber risks?

Answer 1

1. First party includes cost for;
   - Investigating cyber crime
   - Recovering data lost
   - Restoration of computer systems
   - Loss of Income
   - Reputation management
   - Extortion payments demanded
   - Notification costs where req to notify 3rd parties
2. Third party includes cost for;
   - Damages & settlements
   - Cost of defence against claims of a GDPR Breach

Question 2

Typical risks businesses face? (5)

Answer 2

1. Malware
2. Ransomware
3. Hacking
4. Cyber Liability
5. Data Corruption & extra costs

Question 3

Malware?

Answer 3

Form of malicious software that can install via phishing scams & by exploiting software vulnerabilities

Question 4

Ransomware

Answer 4

Form of malware attacks system & encrypts data, attack demands ransom payment for exchange of data

Question 5

Hacking

Answer 5

Gaining potential or full control of compute system & its functions to access important & confidential data

Question 6

Cyber Liability

Answer 6

Legal liability for damages after alleged wrongful transmission of a virus

Question 7

Data Corruption & extra costs

Answer 7

Paying for cost of freeing up or cleaning previously locked or compromised data

Question 8

What are the typical risks covered against? (4)

Answer 8

1. Network security
2. Privacy Liability
3. Network BI
4. Media Liability

Question 9

Network Security Cover

Answer 9

1. In event of network security failure (data breach, malware infection, cyber extortion demand, ransomware or email compromise).
2. Covers 1st party costs
   - legal expenses
   - IT Forensics (how happened & how to rectify)
   - Negotiation & payment of ransomware
   - Data restoration
   - Breach notification to consumers
   - Public relations expertise

Question 10

Privacy Liability Cover

Answer 10

1. Protects PH from liability arising out of a cyber incident or privacy law breach
2. 3rd party costs can arise from
   - Liabilities req in a contractual obligation
   - all the way to regulatory obligations

Question 11

Network Business Interruption Cover

Answer 11

Covers loss of profits following a cyber event

Question 12

Media Liability Cover

Answer 12

1. Provides cover for intellectual property infringement, defamation, negligent transmission of a virus arising from content of a website, social media & the like caused by Insured or hacker

Question 13

Role of the Adjuster?

Answer 13

1. Ensure insured has taken urgent steps to contain attack isolating systems
2. Arrange engagement of specialist cyber response teams
3. Establish how, why & what systems/data breached
4. Liaise with forensic experts
5. Assess policy cover (conditions complied with security standard, notification risks etc)
6. Identify limits, exclusions, BI
7. Guide Insured on GDPR
8. Ensure Insurer appointed legal/PR advisors (reputational management/customer communications)
9. Quantify loss, IT fees, legal & management fees, system rebuild, BI (ICOW), ransomware demands, 3rd party exposure
10. Ensure mitigation (back ups, manual procedures etc)
11. Report to Insurers