Cyber Academy: Cyber Insurance
(SPEECH)
[AUDIO LOGO]
(DESCRIPTION)
White lights on a dark background blink and form a solid circle.
The circle morphs into the letter C. Text: Cyber Academy. Travelers.
Cyber Insurance: Protect and Prevent.
(SPEECH)
Welcome to the Travelers Cyber Academy, a video series on cybersecurity and cyber risk management. We designed it to inform brokers on emerging cyber trends, risks, and threat prevention techniques, and also to excite them about the possibilities. Our topic for today, cyber insurance, protect and prevent.
At a time when businesses are increasingly reliant on technology, cyber insurance provides important protection against a range of technology-based threats. Lost or stolen data is just the start. Cyber insurance also protects against losses from fraud, extortion, and business interruption. A good cyber policy will help both prevent incidents from occurring and minimise the impact of any incident that does occur.
(DESCRIPTION)
Text: What we'll cover today. A bullet point list appears one point at a time. Text: What does cyber insurance cover? Who needs cyber insurance? How does cyber insurance help prevent losses?
(SPEECH)
In this video, we will review the coverage provisions that are available in most cyber insurance products, including those offered by Travelers. Cyber insurance protects against first-party losses, such as the expense of conducting a digital forensic examination or notifying affected parties. It also covers third-party liability, such as responding to lawsuits or inquiries from regulatory agencies.
In this video, we'll describe different coverage scenarios to illustrate who needs cyber insurance and why. We'll also show how cyber coverage can help companies prevent losses, not just pay for them.
(DESCRIPTION)
A circular textbox containing the text Cyber threat landscape. A word cloud. Text: lost smartphones, human error, password sniffing, the dark net, stolen laptops, hacktivism, remote access, rootkits, third-party vendors, spamming, unapproved devices, social engineering, pretexting, malware, data misuse, B-Y-O-D, zero days, financial fraud, botnets, ransomware, spear phishing, disgruntled insiders, improper data disposal, unsecured wireless, spoofing.
(SPEECH)
In a complex and ever-shifting threat landscape, cyber insurance provides valuable protection to businesses and organisations. If just one of these threats gets through a business or organisation's defences, the result could be a costly data breach, a disruption of business operations, regulatory inquiries or lawsuits, perhaps even all of those.
(DESCRIPTION)
Two people write on documents. Two circular textboxes, containing the text Cyber Insurance, First-party-coverages, and Cyber Insurance, Third-party coverages.
(SPEECH)
Cyber insurance can provide first-party coverages, which help protect against losses resulting from a cyber incident, and third-party coverages, which help protect against liability claims or other potential costs following a cyber incident. Let's start by reviewing some of the first-party coverage provisions that may be available.
(DESCRIPTION)
A person types on a laptop. A bullet point list appears one point at a time, titled Cyber insurance: Remediation & Notification. Text: Examples of covered costs: Legal consultation ("Breach Coach"), Digital forensic investigations, Notification expenses, Credit or identity monitoring services.
(SPEECH)
Data breach remediation and notification coverage helps to protect a business when a data breach occurs.
The moment coverage is triggered, the policy provides reimbursement for legal consultation with a breach coach, as described in the Travelers Cyber Academy video after the breach, who to call, what to do. Where appropriate, the policy will also provide reimbursement for digital forensic investigations to determine the scope of the breach and the number and identity of affected individuals.
In addition, it can provide notification expenses, so businesses can draft legally sound documents and establish and maintain a call centre to handle customer inquiries. And if required, the policy could cover the cost of providing credit or identity monitoring services to affected individuals. The limits and deductibles for coverage are usually expressed as an amount in pounds sterling, but coverage could also be available per person affected up to a specified number. Some types of businesses may prefer this.
(DESCRIPTION)
A W-2 form. Text: Coverage considerations. An excerpt from an IRS News Release. Text: Urgent alert to all employers: "[This] scam has evolved beyond the corporate world and is spreading to other sectors. This is one of the most dangerous email phishing scams we've seen in a long time."
(SPEECH)
Cyber incidents affect businesses of every size and sector. Companies with employees must ensure they can protect sensitive data. The US tax authorities described a recent tax fraud scheme as one of the most dangerous email phishing schemes seen in a long time.
In a hypothetical claim scenario involving a manufacturing company with 300 staff, the estimated potential cost was close to 150,000 pounds. This coverage is critical for any business or organisation that accepts or processes credit or debit card payments, or that collects or handles health information or other personally identifiable data.
(DESCRIPTION)
A textbox titled Did you know? Text: 19% of data breaches are self-discovered. 81% are discovered by law enforcement agencies, regulators, card brands, consumers, or others. 2015 Trustwave Global Security Report.
(SPEECH)
A business or organisation cannot simply assume that it's not suffered a data breach just because it's not detected one. Most data breaches are discovered by a third party, such as a law enforcement agency or an outside cybersecurity vendor.
(DESCRIPTION)
A man types on a laptop. A bullet point list appears one point at a time, titled Cyber insurance: Cyber extortion. Text: Examples of covered costs: Investigation of ransom demand, Use of legal counsel during negotiation, Payment of ransom demand.
(SPEECH)
As described in the Travelers Cyber Academy session on ransomware, criminals have also turned to extortion as a way of profiting from the compromise of a computer system or computer network.
Cyber extortion coverage can help a business or organisation that has fallen victim to ransomware by providing reimbursement for the costs of investigating a ransom demand, retaining legal counsel or other assistance in negotiating the demand, and, if necessary, actually paying the ransom.
(DESCRIPTION)
A computer screen displaying a list of numbers. A bullet point list appears one point at a time, titled Cyber insurance: Business interruption. Text: Examples of covered losses: Lost profits resulting from an attack on an insured's systems, network, or data ("business interruption"). Lost profits resulting from an attack on a third party's systems, network, or data on which the insured depends ("contingent business interruption"). Extra expenses incurred in order to reduce lost profits.
(SPEECH)
A business or organisation could also suffer a loss of income when its computers and networks are attacked or compromised, for example, by being infected with ransomware or through a denial-of-service attack.
A denial-of-service, or DoS, attack is when an organisation's servers are flooded with fake traffic in order to block legitimate traffic and impede normal business operations. Business interruption coverage provides protection when computers and networks are targeted by ransomware, denial-of-service attacks or other malicious activity.
A related coverage known as contingent business interruption protects against attacks or outages relating to third parties on which the organisation depends: website hosting providers, for example, or cloud service providers. Both business interruption and contingent business interruption insurance provide reimbursement for the extra expenses of mitigating losses, for example, when critical web applications are transferred to a different server.
(DESCRIPTION)
A finger presses a button on a keyboard labeled DDoS. Text: Coverage considerations. A pie chart titled Ransomware Victims by Sector. The wedges of the pie chart are labeled Services, Manufacturing, Financial, Public Sector, Wholesalers, and Other. A textbox containing a quote. Text: "Distributed denial-of-service attacks are growing in number and intensity. The availability of botnets-for-hire has fueled this increase and we are likely to see the Internet of Things provide more fodder for these botnet armies."
(SPEECH)
These days, most businesses or organisations rely on data or computers and should consider obtaining business interruption and cyber extortion coverage. According to Symantec's 2016 Internet Security Threat Report, denial-of-service attacks are growing in number and intensity, and this threat is likely to continue increasing.
As for ransomware, hospitals and health care providers have been the most recent high-profile victims. But Symantec's special report on ransomware and businesses found that almost every sector has been affected by ransomware in recent years. The most frequently targeted sectors, listed in order, were service industries, manufacturing, financial, public sector, and wholesalers.
Ransomware can, of course, cause losses through both business interruption and extortion. As these threats continue to evolve and become more sophisticated, prudent organisations can protect themselves through cyber extortion cover and business interruption cover.
(DESCRIPTION)
A person taps the screen of a tablet. A bullet point list appears one point at a time, titled Cyber insurance: Fraud coverage. Text: Examples of covered losses: Fraudulent payments caused by, Hacker directly accessing an insured's network ("Computer Fraud"). Hacker communicating with an insured's bank ("Funds Transfer Fraud").
(SPEECH)
Cyber insurance may also include coverage for computer fraud and funds transfer fraud. Computer fraud involves the unauthorised use of a business or organisation's computers to conduct a fraudulent transaction.
Funds transfer fraud is committed through spoofing, which does not necessarily involve the use of a business or organisation's computers. In spoofing, a criminal poses as an employee and sends an email message or other electronic communication to a bank in order to conduct a fraudulent transaction. Coverage for social engineering fraud, in which an employee is tricked or persuaded by a criminal into transferring money, may be found in crime policies or other Travelers Insurance products.
(DESCRIPTION)
A person types on a laptop. Text: Claim scenario. A disgruntled former employee, using stolen credentials, remotely accesses the company's accounts payable system to transfer £250,000 to an overseas bank account.
(SPEECH)
Fraud coverage is important for businesses and organisations that engage in business-to-business transactions involving wire transfers or other forms of electronic payment. Consider, for example, a scenario in which a disgruntled former employee uses stolen account names and passwords to access a company's accounts payable system. He could transfer 250,000 pounds to an overseas bank account and then disappear. In this scenario, coverage for computer fraud or funds transfer fraud could help protect the company from a potentially crippling financial loss.
(DESCRIPTION)
A row of computer servers. A bullet point list appears one point at a time, titled Cyber insurance: Restoration expenses. Text: Examples of covered costs: Restoring lost or damaged data. Replacing damaged or destroyed software. Repairing damaged system files.
(SPEECH)
Finally, whether a cyber incident involves ransomware or some other malicious activity, there may be significant costs associated with recovering lost data, repairing damaged operating systems, and restoring applications and other important software files. Computer programme and electronic data restoration coverage can help a business or organisation meet these expenses, whether caused by a virus, a hacker, or even a disgruntled employee.
(DESCRIPTION)
Two people write on documents. Two circular textboxes, containing the text Cyber Insurance, First-party coverages, and Cyber Insurance, Third-party coverages. The First-party textbox disappears.
(SPEECH)
In addition to protecting against their own first-party losses, businesses and organisations should obtain protection against third-party liability, such as lawsuits and investigations. The types of third-party coverages available include the following.
(DESCRIPTION)
A computer chip. A bullet point list appears one point at a time, titled Cyber insurance: Network & Information Security Liability. Text: Examples: Claims for failing to, Protect confidential information of others, including PII, PHI, or PCI. Prevent transmission of viruses. Provide access to authorized users. Comply with breach notifications laws.
(SPEECH)
First, network and information security liability provides coverage against claims that allege a failure to prevent the transmission of computer viruses or other malware, a failure to protect individuals' confidential information, a failure to provide access to authorised users, and a failure to comply with data breach notification obligations.
This coverage also protects against claims that a business or organisation failed to comply with its own privacy policy with respect to the protection of personally identifiable information.
(DESCRIPTION)
A person looks at the screen of a laptop, which displays the word Copyright. A bullet point list appears one point at a time, titled Cyber insurance: Communications & Media Liability. Text: Examples: Claims by third parties for: Copyright infringement, trademark infringement, and similar violations. Infringing an individual's right of publicity. Defamation or other reputational harm.
(SPEECH)
Communications and media liability coverage helps protect against claims alleging copyright infringement, trademark infringement, trade dress infringement, and similar violations; infringements of an individual's right to publicity, including using an individual's likeness or appearance for commercial purposes without authorisation; and defamation, libel, slander, and other forms of reputational harm. Coverage can be obtained for all the communications of a business or organisation, or specifically for claims based on email communications, social media platforms, internet websites, or other forms of electronic media.
(DESCRIPTION)
A computer monitor on a desk. A bullet point list appears one point at a time, titled Cyber insurance: Regulatory Defense. Text: Examples: Legal fees incurred responding to formal administrative or regulatory proceedings following a data breach. Regulatory fines and penalties.
(SPEECH)
Finally, regulatory defence coverage provides protection in the event that a data breach results in a formal administrative or regulatory proceeding by, for example, the police, the Health and Safety Executive, the Environment Agency, local authorities, financial regulators such as the Financial Conduct Authority, and other professional regulatory agencies.
Coverage may also be available for any resulting regulatory fines and penalties.
(DESCRIPTION)
A man talks on a phone with a laptop open in front of him. Text: Coverage considerations.
(SPEECH)
Nearly all entities that collect or store personally identifiable information should consider obtaining network and information security liability coverage to protect against the risk of being sued in the event of a data breach. According to the 2016 Cyber Claims Study, by NetDiligence, legal defence and settlement costs were included in approximately 10% of all cyber claims, with average total costs approaching 650,000 pounds.
In addition, regulatory defence coverage is critical for businesses and organisations that handle the confidential information of others. The regulatory environment is fast-paced and constantly changing.
(DESCRIPTION)
A New York Department of Financial Services document. A checkbox titled New York DFS Cyber Reg. Text: Cybersecurity program, Risk assessments, Pen testing, Incident response plan, Breach notification, And more!
(SPEECH)
In March 2017, for example, the New York State Department of Financial Services finalised cybersecurity regulations that establish comprehensive requirements for financial institutions and affiliates, changing how those companies will be affected by a cybersecurity event.
Regulatory investigations can also be costly. For example, a recent hypothetical claims scenario involved a health care provider and 750 stolen patient files. The NetDiligence data breach cost calculator estimated the potential costs of such an investigation at close to 290,000 pounds.
(DESCRIPTION)
A person holds a credit card while typing on a laptop. A bullet point list appears one point at a time, titled Cyber insurance: PCI Fines, Penalties, and Assessments. Text: Examples: PCI forensic investigations. PCI fines, penalties, and assessments. Chargebacks. Costs to come into compliance with PCI data security standard.
(SPEECH)
Coverage is also available for businesses and organisations that receive, handle, or process payment card information. There may also be a contractual requirement to pay fines, fees, or assessments in the event of a breach of PCI data. This coverage helps to protect against the cost of conducting PCI forensic investigations, any resulting fines, fees, or assessments, and any chargebacks for fraudulent activity relating to stolen PCI.
Depending on the extent of the breach, these costs can range into the millions of dollars. In addition, if a business or organisation's systems are found to be non-compliant with legal security standards after a data breach, coverage may be available for the costs associated with coming into compliance and for obtaining the necessary compliance standard.
(DESCRIPTION)
A man furrows his brow as he looks at a phone. A bullet point list appears one point at a time, titled Cyber insurance: Technology Errors & Omissions. Text: Claims by third parties for errors and omissions relating to providing technology goods and services, such as: Products that do not meet specs. Software containing "bugs". Services not meeting customer expectations.
(SPEECH)
Companies that produce or provide technology goods or services should also consider obtaining errors and omissions coverage or Tech E&O. This cover provides financial protection against third-party claims relating to technology products that do not meet required specifications, software that is buggy and not performing as expected, or technology services that do not meet customer expectations resulting in financial harm to the customer or other third parties.
(DESCRIPTION)
A graphic depicting a magnifying glass over a computer screen. Text: Exposure evaluation. Four bullet point lists appear one at a time. Text: Whose sensitive information do you have? Customers? Employees? Other businesses or individuals? How sensitive is the data? Financial, Medical, Intellectual property, Personal. How is it collected, protected, used, shared, and destroyed? By you, By your partners & vendors, By others that host or have access to your data. What systems and data do you depend on? Critical applications, Data centers, Cloud vendors.
(SPEECH)
In determining what kind of coverage a business or organisation needs, here are some of the fundamental questions to consider. What sensitive information does the business or organisation collect or store? This can include information obtained from customers, from employees, and from other businesses or individuals. How sensitive is the data? Certain kinds of information are inherently more valuable and more likely to lead to lawsuits or regulatory inquiries than others.
How is sensitive data to be collected, used, shared, and disposed of? Data that is widely shared, for example, whether within a business or with outside parties, is obviously more vulnerable to compromise. And what systems or data does the business or organisation depend on? If the operations of a business or organisation rely on critical applications, data centres or cloud services, there may be a need for robust business interruption coverage.
(DESCRIPTION)
A man places his index finger on a padlock. Text: Good cyber insurance provides a package of valuable risk management benefits!
(SPEECH)
A good cyber insurance policy will provide more than just financial protection. It will provide access to other benefits such as pre-breach services that can actually help prevent losses. According to the 2016 Cost of Data Breach Study by the Ponemon Institute, the average cost of a breach was lower for businesses that carried cyber insurance than for businesses that did not.
(DESCRIPTION)
Four pictures of people working on laptops.
(SPEECH)
Here at Travelers, we offer a range of cyber insurance products to meet the needs of businesses of all shapes and sizes.
(DESCRIPTION)
Text: Cyber First Essentials.
(SPEECH)
CyberFirst Essentials covers small businesses, including tech companies and professionals.
(DESCRIPTION)
Text: Cyber First.
(SPEECH)
CyberFirst focuses on mid to large technology companies and upwards, along with public sector entities.
(DESCRIPTION)
Text: Cyber Risk.
(SPEECH)
CyberRisk covers everything else, from private and non-profit entities and financial institutions up to the largest publicly held companies.
Additional information about these products can be found at www.Travelers.com/cyber, or from your local independent insurance agent or broker.
(DESCRIPTION)
A list appears one item at a time. Text: Valuable pre-breach services may include: Cybersecurity assessment tools, Cybersecurity awareness training, Discounted products and services, Cybersecurity expertise.
(SPEECH)
In April 2017, Travelers announced that it had engaged Symantec, one of the world's leading cybersecurity companies, to provide an array of valuable pre-breach services for Travelers Cyber Insurance policyholders, including one or more of the following, depending on the type of policy purchased.
Access to a cybersecurity assessment tool that helps businesses and organisations better understand their current cybersecurity posture, what is being done well and where improvement is needed. Cybersecurity awareness training: employees who have been educated about cyber threats are the strongest defence against both internal and external attackers. Educating the entire organisation not only helps to minimise potential attacks, but can also reduce internal security accidents.
Discounts on cybersecurity products and services, such as Norton for small business software, DeepSight intelligence, and Symantec managed security services. Access to cybersecurity expertise through white papers, cybersecurity updates, or live access to a cybersecurity coach.
(DESCRIPTION)
A graphic consisting of the word Policy, with four other words intersecting the letters O-L-I-C. From left to right, Protect, Policy, Business, Secure. A bullet point list. Text: Cyber insurance is a critical risk management tool to enhance cyber preparedness. Other lines of insurance are more regularly excluding cyber coverage. Coverage terms and availability can vary, so know your coverage. If you have questions, consult with your local independent insurance agent or broker.
(SPEECH)
In summary, cyber insurance is an important risk management tool that enables businesses and organisations to address cyber risks. This is important at a time when other lines of insurance are increasingly excluding coverage for cyber-related incidents. However, coverage terms and availability can vary widely, so it's important for a business or organisation to work with a trusted independent insurance agent or broker that can obtain appropriate coverage for its specific needs.
(DESCRIPTION)
Text: How a business can protect itself. A bullet point list. Text: Know your cyber risks. Work with your independent insurance agent or broker. Obtain cyber insurance with appropriate first-party and third-party coverages. Take advantage of pre-breach services to improve your cybersecurity.
(SPEECH)
A business or organisation can better protect itself by understanding the cyber risks that it faces and by working with a trusted independent insurance agent or broker to obtain cyber insurance with appropriate first-party and third-party coverages. It can also benefit from the valuable pre-breach services that a good cyber policy provides to help improve its cybersecurity.
(DESCRIPTION)
Text: Travelers. Cyber Academy. Cyber Insurance: Protect and Prevent.
(SPEECH)
We hope you enjoyed this session of the Travelers Cyber Academy. Cyber insurance, protect and prevent.
(DESCRIPTION)
Text: Disclaimer. The material in this presentation does not amend, or otherwise affect, the provisions or coverages of any insurance policy issued by Travelers. In particular, this presentation is not a representation that coverage does or does not exist for any particular claim or loss under any insurance policy. Coverage depends on the facts and circumstances involved in the claim or loss, all applicable policy provisions, and any applicable law. The availability of coverages referenced in this presentation may depend on state regulations and other factors. The Travelers Indemnity Company and its property casualty affiliates. One Tower Square, Hartford, CT 06183.
(SPEECH)
[AUDIO LOGO]
(DESCRIPTION)
White lights on a dark background blink and form a solid circle. The circle morphs into the letter C. Text: Cyber Academy. Travelers.
travelers.co.uk/technology