Do I really need cyber liability insurance? – Rob Thacker, Pound Gates - From website hackings to the loss of unencrypted laptops, cyber security breaches can put your customer data at risk and your reputation on the line. Pound Gates’ Rob Thacker asks whether your business should take steps to improve customer data storage and consider cyber liability insurance.
3. • Quick introduction
• What is Cyber Liability risk?
• Some well known cases
• How would Cyber Liability have helped?
• Who is at risk?
• How can you stop it and other thoughts?
10 minutes Bite Sized explanation
8. Your Risks:
• Cyber Loss or Damage
• Business Interruption or Extra Expenses
• Cyber Theft
• Cyber Extortion
What is cyber liability insurance?
9. The highlights from this incident:
• Complete crash of RBS, NatWest & Ulster Bank’s payment system
for four days;
• Complete failure to register payments;
• Bank extended hours at 1,200 branches;
• Compensation agreed for any/all who suffered financial loss;
• Expected final settlement over £170,000,000
“Failed Automated Software” RBS/NatWest June 2012
10. Your risk from others:
• Cyber Media Liability
• Privacy Liability
• Cyber Security Liability
• Breach of confidentiality
What is cyber liability insurance?
11. The highlights from this incident are as follows:
• Two separate data breaches in April and May 2011 lead to over 100
million individuals details "exposed";
• 12 million credit and debit cards compromised;
• Estimated to spend US$180,000,000 just on these breach related
costs; and
• UK Information Commissioners Office fined them £250,000 in
January 2013 for "preventable data breach".
“Sony Playstation suffers massive breaches” April 2011
12. Any company that stores, manipulates,
or transmits data is at risk of a cyber
or physical theft event
Who is really at risk?
13. • Cyber policies cover businesses whether they are
negligent or not (so no need to have been negligent).
• Physical loss of data account for 45% of losses – lost
laptops and data sticks.
• There were 855 data breaches reported in 2011.
A few more thoughts
14. • Some insurers immediately provide PR support – often
the first issue.
• There are 5 leading insurers.
• Costs:
Below £1m t/o company: £500k limit, premium £1,802
£5m t/o company: £1m limit, premium £4,452
A few more thoughts
15. • You can’t – Sony couldn’t – if people are determined…
• Risk management: Better firewalls, policies to control
staff, continuity plans or not use the internet…
• If it’s news, then it’s on Twitter, and before you know,
everyone else does…
How can you stop it?
16. • Mistakes do happen – we have seen lots of well known
cases now.
• Botnet attacked Wordpress two weeks ago, whilst I
was writing this presentation.
• There is a word called “Hackivism”.
How can you stop it?