Wednesday, August 6, 2008

Cyber Security Insurance Protection

Hey folks,

Thought I would bring up a fun topic that has IT managers and CIO's up at night.

So what happens when you systems are breached? Did you lose client information? How about employee information? How about your own proprietary data? What is the cost of the disruption of your business, are you losing revenue? Are you now being sued by clients or employees as a result? What costs are associated with the remedy?

Your systems, data, proprietary models and investor information are the cornerstone of your business. How safe are they? We have talked through and asked questions about your backup systems and redundancies, but what happens in the event of true breach? Most of the property policies will cover just the damage to the servers or hardware and little else. The crime policy will provide protection if your employees breach the system, but what of the external hacker?

There are several players offering the coverage: Chubb, AIG, Hartford, Media Professional, and ACE to name a few. The following is a synopsis of the Chubb offering and many of the other markets have similar protections.

This is an often overlooked coverage and has major ramifications for an enterprise. Costs are in the $70K to $125K for $5MM in protection for a financial enterprise and less costly for software and life science companies.

CyberSecurity by Chubb
Chubb Specialty Insurance

Are your financial institution's computer systems impenetrable?

Even if you have the most state-of-the-art security controls, your customers, shareholders and corporate assets could be at risk. Spamming, hacking, pinging and denial of service are just a few of the fraudulent cyber-attacks that can bring your computer systems to a grinding halt.

CyberSecurity by Chubb for Financial Institutions offers a solution to the risks associated with doing business in today's technology-dependent business environment. CyberSecurity by Chubb provides insurance for direct loss, legal liability and consequential loss through six unique insurance coverages to help protect financial institutions from the emerging risks associated with e-business.

Cyber-risk and traditional insurance

The risk
Conducting business over the Internet, sending confidential information over networks or even just hosting an informational web site puts your financial institution at risk to fraudulent and criminal acts such as:

  • Hacking into an organization's network and copying confidential information
  • Unauthorized access into a financial institution's system to steal money or securities
  • Using a fraudulent electronic signature to apply for and receive a loan online
  • Hacking into a web site and posting lewd or false information on that site
  • Launching a virus that destroys critical corporate data
  • A spamming event that shuts down an organization's online service

Insurance gap
Does your institution relies solely on its fidelity bond or other traditional insurance products for protection against cyber crimes? If so, it may have some serious gaps in its insurance portfolio.

  • Fidelity bonds protect from the loss of property as a result of first-party crimes such as employee dishonesty, forgery, theft, destruction or disappearance. Fidelity bonds don’t protect your financial institution from hacking, spamming, theft of confidential customer information, cyber attack, business interruption or electronic signature fraud.
  • Property policies work well when addressing physical damage to insured property and the resulting business income and consequential loss if it results from direct physical loss or damage to tangible property. This means that your business could be inadequately protected against the financial impact of a hacker or cracker taking down your web site.

Our policy

CyberSecurity by Chubb for Financial Institutions is intended for all financial institutions, addressing their most vulnerable e-commerce exposures in one straightforward policy. The policy consists of six insuring clauses:

  • E-Theft
    Designed to help protect from losses resulting from:
  • The transfer, payment or delivery of funds or other property due to a cyber attack
  • The misappropriation, copying or duplication of confidential customer information or records by hackers, crackers or employees who breach network security
  • The physical loss or damage of stolen electronic media
  • Denial or Impairment of E-Service
    Helps protect your financial institution when your system is subject to a cyber attack or fraudulently accessed, regardless of whether there has been direct physical loss or damage to tangible property. This includes system slowdowns or shutdowns caused by cyber attacks, such as worms or spamming.
  • E-Communication
    Despite firewalls and encryption, it is impossible to guarantee that transactions over the Internet are 100% secure. This insuring clause applies to loss when an electronic communication is sent from your institution to another institution to initiate, authorize or acknowledge a monetary transaction, and the communication was either not sent by your institution or was fraudulently modified during the electronic transmission.
  • E-Vandalism
    Hackers and crackers have made e-vandalism – the malicious vandalism of any data, instructions or communications within your system – an even greater issue to manage than property vandalism. E-Vandalism insurance helps your institution pay for the direct cost of restoring the integrity of your site in the aftermath of such an event.
  • E-Threat
    In the past, kidnap, ransom and extortion referred primarily to people or physical property. Today, it can refer to threats made against your system that could result in taking your system off line or a breach in your network security (e.g., the release of confidential customer information). This insurance reimburses for expenses you incur to mitigate loss in the event of an alleged threat (provided the threat is technologically credible), rather than wait for the perpetrator to act on such a threat and risk any downtime. We will also pay for fees and expenses of any independent public relations consultant if your firm has been the target of such a threat.
  • E-Signature
    In June 2000, the United States enacted the Electronic Signature in Global and National Commerce Act – allowing consumers and businesses to sign contracts online and know that their "electronic signature" is just as valid as a "wet signature." E-Signature helps protect your institution from direct loss resulting from accepting a customer's electronic signature on loan agreements secured by real property, such as a mortgage, and then discovering that the electronic signature is fraudulent.

Specialized claim service

We know that financial institutions require specialized claim handling due to the unique nature of the losses. E-business risks increase your need for claim professionals who not only have a deep knowledge of your industry, but know how to handle e-commerce claims. Chubb claim professionals offer the following:

  • Our team of fidelity claim experts have a deep knowledge of your industry
  • Our claim specialists understand technology and how CyberSecurity by Chubb responds in the event of a loss
  • We provide local claim presence in field offices around the world
  • Chubb's hallmark claim service means that your claims will be handled with empathy in a prompt and fair manner
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

About the Author

My photo
Mr. Maloy is the fifth generation of the family to lead Maloy Risk Services, which was founded in 1872 by his great, great grandfather Joseph Maloy. Based in Princeton and NYC, Mr. Maloy runs one of the oldest continually family operated insurance agencies in the country. Mr. Maloy retooled the agency in 1995 to focus on niche industry sectors providing risk management and insurance placement services to emerging growth companies in the Technology, Life Science, Venture Capital, and Hedge Fund industries. In 2004, Mr. Maloy created TriPro Managers, an insurance wholesale brokerage operation to augment Maloy Risk Services retail brokerage operations. TriPro Managers assists retail brokers in the placement of specialty professional liability coverage for the Technology, Life Science, Venture Capital and Hedge Fund industries. Mr. Maloy is a Certified Insurance Counselor, Certified Risk Manager and serves on the Board of Directors of the New Jersey Technology Council and is a past Alumni Advisory Board member of Wake Forest University. Mr. Maloy, is a member of Terrier Tri, a triathlon club in New York City. Mr. Maloy holds a BA from Wake Forest University.