Transcript Cyber ExposuresThe Importance of Risk Identification and
Presented By: Joe Weipert
◦ ◦ ◦ ◦ ◦ My Goal Today: Getting Your Attention in 30 Minutes Average Claim Loss Costs by Line of Business* Property: $44,800 General Liability: $26,400 Workers’ Compensation: $10,200 Auto: $6,300 Cyber Errors & Omissions: $250,000 Defense Only!
Does not include damages payment. ◦ Bottom Line: More Complex and Higher Damages Exposure.
More Significant and Catastrophic Potential * Data from Hartford Technology
◦ ◦ ◦ ◦
Where to Start?
What does it cover?
Bodily Injury: Understand the definition, does it include Mental Anguish?
Property Damage: Tangible v. Intangible Data? Beware if you host data!
Personal Injury: Other than Bodily Injury - Includes Libel, Slander, Defamation, Invasion of Privacy Advertising Injury: Advertising “your” goods and services. Infringement of Copyright, Libel, Slander Limitation: Print media?
What is a policy exclusion?
◦ Do you know and understand the exclusions attached?
Professional Liability?
Internet Access Provider?
Breach of Contract? What is the purpose of exclusions?
What is a policy sublimit?
◦ Limits recovery ◦ ◦ Buy additional limits?
Good or Bad? Not a Solution!
◦ ◦ ◦ ◦
Purpose: Compliments the CGL policy and its limitations.
Claims of a third parties financial harm.
AKA: Errors & Omissions Coverage
Technology E & O History Beware: No two forms are the same! Some companies have multiple forms.
Failure of Products or Services Personal Injury Cyber Liability: What is the difference?
Hybrid Forms
Consulting Installation System Integration Warehousing of Data Administration, management, operation or hosting of another party’s systems, technology or computer facilities Internet access and connectivity services Telecommunications services Telecommunications products Enhanced Telephone services Activities on your own website!
◦ ◦
University of Utah Hospital and Clinics
◦ Data Storage Employee returning to storage facility.
◦ ◦ 1.5 million patient records breached.
Hospital incurs $3.4 million in costs associated with breach. Credit monitoring Notification Phone Bank Damage to reputation $30 million lawsuit.
Hewlett-Packard Corporation
◦ Theft of a laptop ◦ 196,000 current and former employees personal financial information (BYOD: Be Careful!)
Citibank
◦ UPS “misplaces” a box of computer tapes with personal information of 3.9 million customers
ISP – Contributory Trademark Infringement ◦ ISP offers to link local author’s book from ISP’s website. Author violated copyright on his book. ISP sued for Contributory Trademark Infringement ISP Sued for Defamation ◦ Based on statement’s by a customer on a bulletin board. ISP failed to monitor or censor forum.
What do they have in common?
Personal Health Information and Personal Financial Information ◦ Employees ◦ Customers ◦ Third Party Information Regulatory – State, Federal
Caution:
◦ Warranty Statements ◦
Contract Review
◦ Services agreeing to perform clearly stated ◦ Misrepresentation Ask a lawyer to review ◦ ◦ Familiar with contracts Beware of generic contract forms Identify all parties Third parties, subsidiaries
Contract Review
◦ Do you have a remedies provision?
◦ ◦ Breach of Contract – how to terminate a contract Goals: 1.
2.
Risk Transfer Manage Customer Expectations Privacy Statement User Agreements
Funding losses ◦ They will happen ◦ Understanding exposure ◦ ◦ Risk Assesment Retaining risk ◦ What risks?
◦ ◦ ◦ How much?
Best practices?
Risk mitigation Transferring risk ◦ What is your goal?
Understand the product?
Seek out an expert?
◦ ◦ ◦ ◦
Contract Control – 1
st
line of defense Technology Errors and Omissions Liability Policy – May be your most important policy
What is the goal?
Identify the proper form to use 3 rd 1 st party coverage party coverage Beware of Exclusions (Breach of Contract) Claims made policies Claims made and reported Don’t rely on your Umbrella policy Know your risks & Understand your coverage
Joe Weipert, ARM, CIC Sr. Vice President 402-434-7270 [email protected]
www.unitelinsurance.com