
The Essentials of Cyber Insurance: A Panel of Industry Experts

Date post: 22-Jan-2018
Upload: shawn-tuma
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Panelists

• Patrick Florer, Risk Centric Security, Inc. Co-Author: NetDiligence Cyber Claims Report & Ponemon Contributor

• Mark Knepshield, Insurance Broker, Specializing in Cyber, McGriff, Seibels & Williams

• John Southrey, Director of Prod. Development, Specializing in Cyber, Tex. Med. Liab. Trust

• Shawn Tuma (Moderator), Cybersecurity & Data Privacy Attorney, Scheef & Stone, LLP

Speakers

Patrick Florer

CTO and Cofounder

Risk Centric Security, Inc.

• Information technologist for 38 years

• Database designer/statistical analysis in evidence-based medicine for 17 years in parallel

• Member, RIM Council (Responsible Information Council), Ponemon Institute, since 2009

• Distinguished Fellow, Ponemon Institute, since 2009

• Co-author and co-analyst of the 2016 & 2017 NetDiligence© Cost of Cyber Claims report (along with Heather Goodnight-Hoffmann)

Speakers

Mark Knepshield

Senior Vice President

Financial Services Division

McGriff, Seibels & Williams, Inc.

• Mark specializes in cyber liability insurance placement and claim handling.

• Mark assists clients in implementing strategic incident response and breach preparedness plans.

• Mark’s experience includes cyber insurance claim workouts on a number of high-profile breaches as well as the expected financial impact to companies.

• Mark is a frequent speaker at insurance industry and financial services related events around the country.

• McGriff Seibels & Williams, Inc. is a subsidiary of BB&T Insurance Services, the 5th largest insurance brokerage house in the United States.

Speakers

John Southrey, CIC, CRM

Director, Product Development & Consulting Services

Texas Medical Liability Trust

• Over 37 years in the insurance industry; Certified Insurance Counselor and Certified Risk Manager.

• John leads the development and marketing of standalone cyber liability and technology errors & omissions liability insurance for medical-related firms and law firms at TMLT.

• TMLT (Texas Medical Liability Trust) (www.tmlt.org) is the largest medical professional liability insurer in Texas.

• Started with TMLT in 2004; worked in the Claims department as a claims supervisor and in the Sales department as a Sales Manager.

• A prolific writer with many published works.


Overview

• Frequently used insurance terminology

• Who are the key players?

• Role of cyber insurance in risk management?

• Why do companies need cyber risk insurance?

• What kind of cyber risk coverage is available?

• What are specific issues to look for in cyber risk insurance?

• What is the process for obtaining cyber risk insurance?

• How much coverage do you need?

• What is the process for making a claim on your policy?

• What are the most common mistakes insureds make?

• What are the most common claims costs for items in a breach?

• What are the most common things not covered?


Frequently used insurance terminology

• CGL – Commercial General Liability insurance

• D&O – Directors’ and Officers’ insurance

• E&O (PLI/PII) – Errors and Omissions (sometimes called Professional Liability or Professional Indemnity Insurance)

• K&R – Kidnap and Ransom

• ISO – the Insurance Services Office

• Policy

• Risk / Peril

• Retention

• Limits / Sub-limits

• Exclusions

• Re-insurance


Who are the key players?

• The Insured

• The Broker / Agent

• The Underwriter

• The Actuary

• The Insurer / Carrier

• The ISO – the Insurance Services Office


Role of cyber insurance in risk management

In March 2016, the Cybersecurity and Infrastructure Protection Subcommittee (part of the U.S. Department of Homeland Security) at a hearing titled “The Role of Cyber Insurance in Risk Management” noted the following:

“The purpose of the hearing was to examine the potential opportunities to promote the adoption of cyber best practices and more effective management of cyber risks through cyber insurance.” https://homeland.house.gov/hearing/the-role-of-cyber-insurance-in-risk-management/

In March 2015, at a U.S. Senate hearing on “Cyber Insurance” it was also noted:

“Simply engaging in the process of seeking cyber insurance coverage can assist businesses to develop the correct approach to mitigate risk. Insurance can bring all relevant stakeholders in an organization together, encouraging an enterprise-wide risk management approach.”

http://www.propertycasualty360.com/2015/03/20/cyber-insurance-in-the-spotlight-senate-mulling-fe


Why do companies need cyber risk insurance?

• Do traditional CGL or other policies usually cover cyber risk or cyber-caused losses?

• Are cyber risks usually excluded from non-cyber policies?

• Do only big companies, small companies, or “tech” companies need cyber risk coverage?


What kind of cyber risk coverage is available?

• What kind of cyber risk coverage is available?

• How expensive is this coverage?


What kind of cyber risk coverage is available?

First-Party Coverages:

• Privacy Breach Response Costs
• Network Asset Protection
• Cyber Extortion & Cyber Terrorism
• Cyber Crime
• Reputational Harm
• Corrective Action Plan Costs

Third-Party Coverages:

• Multimedia Liability
• Security and Privacy Liability
• Privacy Regulatory Defense and Fines & Penalties
• PCI DSS Liability


What are specific issues to look for in cyber risk insurance?

• Social engineering?

• Computer fraud / crime language?

• Contractual liability, such as indemnification agreements?

• Pre-existing “issues”?


What is the process for obtaining cyber risk insurance?

• What is the process for obtaining cyber risk insurance?

• Application / underwriting process
    • Should IT / infosec be involved to ensure accuracy?

• Risk assessments
    • What do they look like?
    • Do they impact premiums?

• Prior incidents
    • Do they impact premiums?
    • Must they be disclosed?

• Latest tech tools, services, gimmicks
    • Do they impact premiums?


How much coverage do you need?

• How much coverage does your company need?

• How do you calculate your company’s risk exposure?


What is the process for making a claim on your policy?

• What is the process for making a claim on your policy?

• Is this like the first, second, or third call you need to make after discovering an incident?

• List of approved panel providers
    • Attorneys
    • Forensics
    • Credit product / notification logistics
    • Public Relations

• Timeliness

• Notice
    • Carrier may not pay for services provided without prior approval

• Appoint legal counsel as breach guide

• Process
    • Any input from the insured on who represents them?
    • Can this be addressed when obtaining coverage, if they have counsel they trust?


What are the most common mistakes insureds make?

• What are the most common mistakes you see insureds make that jeopardize their coverage?


What are the most common claims costs for items in a breach?

• In an incident, what are the most common claims costs for things such as:

• Forensics

• Remediation

• Public Relations

• Notifications / Credit Product / Logistics

• Legal


What are the most common things not covered?

• What are the most common things that insureds seem to expect would be covered but, in reality, are not covered?

• Warranties or exclusions relating to the Insured’s failure to maintain the security of its computer network in accordance with industry standards or “best practices,” internal policies, and/or regulations. (These exclusions can defeat the purpose of the cyber insurance.)

• No coverage for unencrypted mobile devices.

• What lessons should this teach them?


Questions?

Patrick Florer
CTO and Cofounder
Risk Centric Security, Inc.
214.828.1172 (office)
214.850.8539 (cell)
www.riskcentricsecurity.com

Mark Knepshield
Senior Vice President
Financial Services Division
McGriff Seibels & Williams
Direct: 469-232-2126
Mobile: 303-885-5843

John Southrey
Director, Product Development & Consulting
Texas Medical Liability Trust
P.O. Box 160140, Austin, TX 78716-0140
direct: 512-425-5976 | cell: 512-589-4543
www.tmlt.org

Shawn Tuma
Scheef & Stone, L.L.P.
Cybersecurity & Data Privacy Attorney
2600 Network Blvd., #400, Frisco, TX 75034
Direct: 214.472.2135 | Mobile: 214.726.2808
Email: [email protected]
www.BusinessCyberRisk.com


Thank you

