Cyber Insurance - Setting the scene - The Scene

Koen Van Loo
Koen Van LooExperienced Digital and IT Executive em -
© Koen Van Loo Cyber Insurance Setting the scene Koen Van Loo 1
© Koen Van Loo Who am I? Koen Van Loo https://about.me/koenvanloo 2004-2016 CIO @ ADMB 2007-2016 CISO @ ADMB Follow me on @kvl0 (i.e. K-V-L-Zero) Ask your questions! 2
© Koen Van Loo A Cyberwar is going on... 3 http://newsmonkey.be/article/66658
© Koen Van Loo Trends in four data breach cost components 4 Ponemon Institute© Research Report
© Koen Van Loo Question 1 How many organisations have done a Security Audit/Assessment? 5
© Koen Van Loo Question 2 How many organisations have a Cybercrime Insurance? 6
© Koen Van Loo What is a Cyber Insurance? Cyber-insurance is an insurance product used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities. 7
© Koen Van Loo What is Cyber crime? 8 Business Disruption and Misuse Online Scams Theft and Fraud DDOS Phishing Identity Theft Malware Spear Phishing Theft from Business Software Piracy Pharming IP Theft Espionage Spoofing Customer Data Theft Extortion Purchase Fraud Fiscal Fraud https://www.be.capgemini.com/resource-file-access/resource/pdf/Using_Insurance_to_Mitigate_Cybercrime_Risk.pdf
© Koen Van Loo Quote 9 Traditional insurance is based on sometimes hundreds of years of historical data. They can look back, see where the losses came from, and they price accordingly. ... The (cyber) market is still very, very juvenile. Garrett Droege a cyberinsurance leader
© Koen Van Loo Prevention vs Protection 10
© Koen Van Loo Quote Now into its third major phase of development, cyber insurance is no replacement for robust IT security. However, it has an important role to play as part of a holistic risk management strategy, creating a second line of defense to mitigate cyber incidents. Cyber insurance continues to evolve 11
© Koen Van Loo Quote Mandatory data breach notification regulations are in part a driver for Cyber Liability Insurance Cover as the costs of notifying affected users can be extremely high. 12
© Koen Van Loo Cyber and professional indemnity insurance 13
© Koen Van Loo Who’s buying? 14
© Koen Van Loo Why no disaster recovery plan? Haven't thought about it A data disaster could not happen Withstand disaster without financial loss The perception that disaster plans are too costly to implement (Results from a Carbonite study) 15https://www.flickr.com/photos/2top/9571794304
© Koen Van Loo Questions to ask • What security controls can you put into place that will reduce the premium? • What assistance is provided to improve information governance and information security? • What and how big a difference to your future premiums will a claim make? • The security / protection industry is very fast changing, how can the insurance ensure that your policy is current? • Are malicious acts by employees covered? • Although ignorance of the law is no excuse, we are just not able to keep up with all the compliance issues that may affect all the territories our company works in, would you refuse a claim if you were processing data that may contravene laws in one country but not another – because insurance policies often stipulate that you must not be breaking the law? • What about the limitations? • Could you claim if you were not able to detect an intrusion until several months or years have elapsed, so you are outside the period of the cover, (as with the Red October malware which was discovered after about five years)? • ... 16
© Koen Van Loo Cybersecurity Assesment https://www.flickr.com/photos/acousticskyy/4395455002 17
© Koen Van Loo Thank you! And stay secure... 18
1 de 18

Cyber Insurance - Setting the scene - The Scene

Baixar para ler offline
Negócios

The slides for my presentation on The BELTUG X-change: Sense and Nonsense of Cyber Insurance Policies - 26.05.2016 in Zellik, Belgium. More on www.beltug.be

Koen Van Loo
Koen Van LooExperienced Digital and IT Executive em -

Recomendados

Cyber - it's all now a matter of time! por
Cyber - it's all now a matter of time!Cyber - it's all now a matter of time!
Cyber - it's all now a matter of time!Gloucestershire Professionals
138 visualizações18 slides
10 reasons businesses fail! por
10 reasons businesses fail!10 reasons businesses fail!
10 reasons businesses fail!Gloucestershire Professionals
196 visualizações15 slides
The ever increasing threat of cyber crime por
The ever increasing threat of cyber crimeThe ever increasing threat of cyber crime
The ever increasing threat of cyber crimeNathan Desfontaines
897 visualizações25 slides
Is it a Risk to Be Compliant? por
Is it a Risk to Be Compliant?Is it a Risk to Be Compliant?
Is it a Risk to Be Compliant?PECB
1K visualizações29 slides
Cybersecurity and The Board por
Cybersecurity and The BoardCybersecurity and The Board
Cybersecurity and The BoardPaul Melson
8.3K visualizações21 slides
Top 10 leading fraud detection and prevention solution providers por
Top 10 leading fraud detection and prevention solution providersTop 10 leading fraud detection and prevention solution providers
Top 10 leading fraud detection and prevention solution providersMerry D'souza
42 visualizações48 slides

Mais conteúdo relacionado

Mais procurados

Cyber-risk Oversight Handbook for Corporate Boards por
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate BoardsCheffley White
239 visualizações54 slides
A Breach Carol: 2013 Review, 2014 Predictions por
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 PredictionsResilient Systems
378 visualizações27 slides
Cowie -plenaria_workshop_24-05-13 por
Cowie -plenaria_workshop_24-05-13Cowie -plenaria_workshop_24-05-13
Cowie -plenaria_workshop_24-05-13Agcom Autorità Comunicazioni
246 visualizações9 slides
The Unpleasant Truths of Modern Business Cybersecurity por
The Unpleasant Truths of Modern Business CybersecurityThe Unpleasant Truths of Modern Business Cybersecurity
The Unpleasant Truths of Modern Business CybersecurityGlobal Knowledge Training
655 visualizações36 slides
Cyber Security breakfast briefing - Bournemouth por
Cyber Security breakfast briefing - BournemouthCyber Security breakfast briefing - Bournemouth
Cyber Security breakfast briefing - BournemouthPKF Francis Clark
142 visualizações38 slides
A Hacker's Playground - Cyber Risks During COVID-19 por
A Hacker's Playground - Cyber Risks During COVID-19A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19Citrin Cooperman
252 visualizações34 slides

Mais procurados(20)

Cyber-risk Oversight Handbook for Corporate Boards por Cheffley White
Cyber-risk Oversight Handbook for Corporate BoardsCyber-risk Oversight Handbook for Corporate Boards
Cyber-risk Oversight Handbook for Corporate Boards
Cheffley White239 visualizações
A Breach Carol: 2013 Review, 2014 Predictions por Resilient Systems
A Breach Carol: 2013 Review, 2014 PredictionsA Breach Carol: 2013 Review, 2014 Predictions
A Breach Carol: 2013 Review, 2014 Predictions
Resilient Systems378 visualizações
Cowie -plenaria_workshop_24-05-13 por Agcom Autorità Comunicazioni
Cowie -plenaria_workshop_24-05-13Cowie -plenaria_workshop_24-05-13
Cowie -plenaria_workshop_24-05-13
Agcom Autorità Comunicazioni246 visualizações
The Unpleasant Truths of Modern Business Cybersecurity por Global Knowledge Training
The Unpleasant Truths of Modern Business CybersecurityThe Unpleasant Truths of Modern Business Cybersecurity
The Unpleasant Truths of Modern Business Cybersecurity
Global Knowledge Training655 visualizações
Cyber Security breakfast briefing - Bournemouth por PKF Francis Clark
Cyber Security breakfast briefing - BournemouthCyber Security breakfast briefing - Bournemouth
Cyber Security breakfast briefing - Bournemouth
PKF Francis Clark 142 visualizações
A Hacker's Playground - Cyber Risks During COVID-19 por Citrin Cooperman
A Hacker's Playground - Cyber Risks During COVID-19A Hacker's Playground - Cyber Risks During COVID-19
A Hacker's Playground - Cyber Risks During COVID-19
Citrin Cooperman252 visualizações
Cybersecurity for Your Law Firm: Data Security and Data Encryption por Shawn Tuma
Cybersecurity for Your Law Firm: Data Security and Data EncryptionCybersecurity for Your Law Firm: Data Security and Data Encryption
Cybersecurity for Your Law Firm: Data Security and Data Encryption
Shawn Tuma1.6K visualizações
Cyber Security breakfast briefing - Exeter por PKF Francis Clark
Cyber Security breakfast briefing - ExeterCyber Security breakfast briefing - Exeter
Cyber Security breakfast briefing - Exeter
PKF Francis Clark 111 visualizações
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a... por PECB
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
Anti-Bribery Forensics and Compliance on a Multi-National Scale: Challenges a...
PECB 1K visualizações
Cybersecurity & the Board of Directors por Abdul-Hakeem Ajijola
Cybersecurity & the Board of DirectorsCybersecurity & the Board of Directors
Cybersecurity & the Board of Directors
Abdul-Hakeem Ajijola383 visualizações
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur... por Symantec
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec403 visualizações
Cyber Liability Risk por Christopher Rieser
Cyber Liability RiskCyber Liability Risk
Cyber Liability Risk
Christopher Rieser325 visualizações
Role of The Board In IT Governance & Cyber Security-Steve Howse por CGTI
Role of The Board In IT Governance & Cyber Security-Steve HowseRole of The Board In IT Governance & Cyber Security-Steve Howse
Role of The Board In IT Governance & Cyber Security-Steve Howse
CGTI915 visualizações
Cas cyber prez por Dan Michaluk
Cas cyber prezCas cyber prez
Cas cyber prez
Dan Michaluk1K visualizações
Board and Cyber Security por Leon Fouche
Board and Cyber SecurityBoard and Cyber Security
Board and Cyber Security
Leon Fouche1.4K visualizações
Under thehood por Darius Povilaitis
Under thehoodUnder thehood
Under thehood
Darius Povilaitis475 visualizações
CRI Cyber Board Briefing por OCTF Industry Engagement
CRI Cyber Board Briefing CRI Cyber Board Briefing
CRI Cyber Board Briefing
OCTF Industry Engagement5.4K visualizações
Cyber Security for Your Clients: Business Lawyers Advising Business Clients por Shawn Tuma
Cyber Security for Your Clients: Business Lawyers Advising Business ClientsCyber Security for Your Clients: Business Lawyers Advising Business Clients
Cyber Security for Your Clients: Business Lawyers Advising Business Clients
Shawn Tuma392 visualizações
ACFN vISO eBook por Patrick Whelan, CISA
ACFN vISO eBookACFN vISO eBook
ACFN vISO eBook
Patrick Whelan, CISA91 visualizações
Canadian Association of University Solicitors - Privacy Update 2016 por Dan Michaluk
Canadian Association of University Solicitors - Privacy Update 2016Canadian Association of University Solicitors - Privacy Update 2016
Canadian Association of University Solicitors - Privacy Update 2016
Dan Michaluk1.2K visualizações

Similar a Cyber Insurance - Setting the scene - The Scene

Cyber por
Cyber Cyber
Cyber Alberto Peñaranda Echevarría
287 visualizações4 slides
Signacure Brochure por
Signacure BrochureSignacure Brochure
Signacure BrochureDave Lloyd
246 visualizações12 slides
NCVO/Zurich webinar: Beyond cyber essentials por
NCVO/Zurich webinar: Beyond cyber essentialsNCVO/Zurich webinar: Beyond cyber essentials
NCVO/Zurich webinar: Beyond cyber essentialsNCVO - National Council for Voluntary Organisations
412 visualizações32 slides
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv... por
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...James Fisher
157 visualizações70 slides
Law Firm Security: How to Protect Your Client Data and Stay Compliant por
Law Firm Security: How to Protect Your Client Data and Stay CompliantLaw Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay CompliantClio - Cloud-Based Legal Technology
188 visualizações61 slides
CyberSecurity Insurance - The Ugly Truth! por
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!topseowebmaster
26 visualizações6 slides

Similar a Cyber Insurance - Setting the scene - The Scene(20)

Cyber por Alberto Peñaranda Echevarría
Cyber Cyber
Cyber
Alberto Peñaranda Echevarría287 visualizações
Signacure Brochure por Dave Lloyd
Signacure BrochureSignacure Brochure
Signacure Brochure
Dave Lloyd246 visualizações
NCVO/Zurich webinar: Beyond cyber essentials por NCVO - National Council for Voluntary Organisations
NCVO/Zurich webinar: Beyond cyber essentialsNCVO/Zurich webinar: Beyond cyber essentials
NCVO/Zurich webinar: Beyond cyber essentials
NCVO - National Council for Voluntary Organisations412 visualizações
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv... por James Fisher
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
protectingyourbusinessfromcyberrisks-pptforseminarnov122014-141120120959-conv...
James Fisher157 visualizações
Law Firm Security: How to Protect Your Client Data and Stay Compliant por Clio - Cloud-Based Legal Technology
Law Firm Security: How to Protect Your Client Data and Stay CompliantLaw Firm Security: How to Protect Your Client Data and Stay Compliant
Law Firm Security: How to Protect Your Client Data and Stay Compliant
Clio - Cloud-Based Legal Technology188 visualizações
CyberSecurity Insurance - The Ugly Truth! por topseowebmaster
CyberSecurity Insurance - The Ugly Truth!CyberSecurity Insurance - The Ugly Truth!
CyberSecurity Insurance - The Ugly Truth!
topseowebmaster26 visualizações
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018 por Human Capital Department
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
GDPR Pop Up | Human Capital Department - HR Forum - 26 April 2018
Human Capital Department143 visualizações
Privacy 2020: Recap & Predictions por TrustArc
Privacy 2020: Recap & PredictionsPrivacy 2020: Recap & Predictions
Privacy 2020: Recap & Predictions
TrustArc703 visualizações
Omlis Data Breaches Report - An Inside Perspective por Omlis
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective
Omlis301 visualizações
2014 ota databreach3 por Meg Weber
2014 ota databreach32014 ota databreach3
2014 ota databreach3
Meg Weber222 visualizações
Construction Cyber Risks por Graeme Cross
Construction Cyber RisksConstruction Cyber Risks
Construction Cyber Risks
Graeme Cross104 visualizações
Cybersecurity: What does Cyber Insurance Cover? por Next Dimension Inc.
Cybersecurity: What does Cyber Insurance Cover?Cybersecurity: What does Cyber Insurance Cover?
Cybersecurity: What does Cyber Insurance Cover?
Next Dimension Inc.157 visualizações
Ritz 4th-july-gdpr por Exponential_e
Ritz 4th-july-gdprRitz 4th-july-gdpr
Ritz 4th-july-gdpr
Exponential_e420 visualizações
Do I really need cyber liability insurance? por Crafted
Do I really need cyber liability insurance?Do I really need cyber liability insurance?
Do I really need cyber liability insurance?
Crafted 862 visualizações
The top cybersecurity challenges post-lockdow por Dharmendra Rama
The top cybersecurity challenges post-lockdowThe top cybersecurity challenges post-lockdow
The top cybersecurity challenges post-lockdow
Dharmendra Rama 74 visualizações
Quantifying Cloud Risk for Your Corporate Leadership por Netskope
Quantifying Cloud Risk for Your Corporate LeadershipQuantifying Cloud Risk for Your Corporate Leadership
Quantifying Cloud Risk for Your Corporate Leadership
Netskope1.8K visualizações
nerfslides.pptx por ssusera5ade5
nerfslides.pptxnerfslides.pptx
nerfslides.pptx
ssusera5ade56 visualizações
Cyber liability and cyber security por Helen Carpenter
Cyber liability and cyber securityCyber liability and cyber security
Cyber liability and cyber security
Helen Carpenter76 visualizações
20 Questions to ask your Cyber Carrier - Wis Banker 12-2015 por Jeff Otteson
20 Questions to ask your Cyber Carrier - Wis Banker 12-201520 Questions to ask your Cyber Carrier - Wis Banker 12-2015
20 Questions to ask your Cyber Carrier - Wis Banker 12-2015
Jeff Otteson96 visualizações
Your organization is at risk! Upgrade your IT security & IT governance now. por Cyril Soeri
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
Cyril Soeri603 visualizações

Último

UCA towards I5.0 OECD.pdf por
UCA towards I5.0 OECD.pdfUCA towards I5.0 OECD.pdf
UCA towards I5.0 OECD.pdfAPPAU_Ukraine
7 visualizações16 slides
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi... por
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...Florida Painting Miami
9 visualizações10 slides
Top 10 Web Development Companies in California por
Top 10 Web Development Companies in CaliforniaTop 10 Web Development Companies in California
Top 10 Web Development Companies in CaliforniaTopCSSGallery
35 visualizações27 slides
NYKAA PPT .pptx por
NYKAA PPT .pptxNYKAA PPT .pptx
NYKAA PPT .pptx125071081
10 visualizações9 slides
Why are KPIs(key performance indicators) important? por
Why are KPIs(key performance indicators) important? Why are KPIs(key performance indicators) important?
Why are KPIs(key performance indicators) important? Epixel MLM Software
7 visualizações17 slides
Effective Supervisory Skill por
Effective Supervisory SkillEffective Supervisory Skill
Effective Supervisory SkillSeta Wicaksana
14 visualizações26 slides

Último(20)

UCA towards I5.0 OECD.pdf por APPAU_Ukraine
UCA towards I5.0 OECD.pdfUCA towards I5.0 OECD.pdf
UCA towards I5.0 OECD.pdf
APPAU_Ukraine7 visualizações
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi... por Florida Painting Miami
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...
Discover the Finest Interior Painting Services in Miami Elevate Your Space wi...
Florida Painting Miami9 visualizações
Top 10 Web Development Companies in California por TopCSSGallery
Top 10 Web Development Companies in CaliforniaTop 10 Web Development Companies in California
Top 10 Web Development Companies in California
TopCSSGallery35 visualizações
NYKAA PPT .pptx por 125071081
NYKAA PPT .pptxNYKAA PPT .pptx
NYKAA PPT .pptx
12507108110 visualizações
Why are KPIs(key performance indicators) important? por Epixel MLM Software
Why are KPIs(key performance indicators) important? Why are KPIs(key performance indicators) important?
Why are KPIs(key performance indicators) important?
Epixel MLM Software7 visualizações
Effective Supervisory Skill por Seta Wicaksana
Effective Supervisory SkillEffective Supervisory Skill
Effective Supervisory Skill
Seta Wicaksana14 visualizações
voice logger software aegis.pdf por Nirmal Sharma
voice logger software aegis.pdfvoice logger software aegis.pdf
voice logger software aegis.pdf
Nirmal Sharma23 visualizações
Imports Next Level.pdf por Bloomerang
Imports Next Level.pdfImports Next Level.pdf
Imports Next Level.pdf
Bloomerang72 visualizações
terms_2.pdf por JAWADIQBAL40
terms_2.pdfterms_2.pdf
terms_2.pdf
JAWADIQBAL4016 visualizações
2023 Photo Contest.pptx por culhama
2023 Photo Contest.pptx2023 Photo Contest.pptx
2023 Photo Contest.pptx
culhama25 visualizações
duck railing.pdf por aluminumdeckrailingc
duck railing.pdfduck railing.pdf
duck railing.pdf
aluminumdeckrailingc7 visualizações
Greece opens countless opportunities for techies por Abhinav Immigration Services Pvt. Ltd.
Greece opens countless opportunities for techiesGreece opens countless opportunities for techies
Greece opens countless opportunities for techies
Abhinav Immigration Services Pvt. Ltd.17 visualizações
Building Careers at Specialty TRE 2023 por Jennifer Sanborn
Building Careers at Specialty TRE 2023Building Careers at Specialty TRE 2023
Building Careers at Specialty TRE 2023
Jennifer Sanborn40 visualizações
The 10 Most Iconic Leaders in Supply Chain 2023_compressed.pdf por ciolook1
The 10 Most Iconic Leaders in Supply Chain 2023_compressed.pdfThe 10 Most Iconic Leaders in Supply Chain 2023_compressed.pdf
The 10 Most Iconic Leaders in Supply Chain 2023_compressed.pdf
ciolook16 visualizações
ZARA.pptx por merlinjenma529
ZARA.pptxZARA.pptx
ZARA.pptx
merlinjenma52923 visualizações
Episode 258 Snippets: Rob Gevertz of First Five Yards por Neil Horowitz
Episode 258 Snippets: Rob Gevertz of First Five YardsEpisode 258 Snippets: Rob Gevertz of First Five Yards
Episode 258 Snippets: Rob Gevertz of First Five Yards
Neil Horowitz47 visualizações
Why Networking Events Don't Work_ Why You Should Give Talks Instead por HarryRamsay1
Why Networking Events Don't Work_ Why You Should Give Talks Instead Why Networking Events Don't Work_ Why You Should Give Talks Instead
Why Networking Events Don't Work_ Why You Should Give Talks Instead
HarryRamsay17 visualizações
ANTHROPOIDS WHITE PAPER.pdf por Anthropoids Nfts
ANTHROPOIDS WHITE PAPER.pdfANTHROPOIDS WHITE PAPER.pdf
ANTHROPOIDS WHITE PAPER.pdf
Anthropoids Nfts 39 visualizações
SUGAR cosmetics ppt por shafrinn5
SUGAR cosmetics pptSUGAR cosmetics ppt
SUGAR cosmetics ppt
shafrinn536 visualizações
PMU Launch - Guaranteed Slides por pmulaunch
PMU Launch - Guaranteed SlidesPMU Launch - Guaranteed Slides
PMU Launch - Guaranteed Slides
pmulaunch14 visualizações

Cyber Insurance - Setting the scene - The Scene

  • 1. © Koen Van Loo Cyber Insurance Setting the scene Koen Van Loo 1
  • 2. © Koen Van Loo Who am I? Koen Van Loo https://about.me/koenvanloo 2004-2016 CIO @ ADMB 2007-2016 CISO @ ADMB Follow me on @kvl0 (i.e. K-V-L-Zero) Ask your questions! 2
  • 3. © Koen Van Loo A Cyberwar is going on... 3 http://newsmonkey.be/article/66658
  • 4. © Koen Van Loo Trends in four data breach cost components 4 Ponemon Institute© Research Report
  • 5. © Koen Van Loo Question 1 How many organisations have done a Security Audit/Assessment? 5
  • 6. © Koen Van Loo Question 2 How many organisations have a Cybercrime Insurance? 6
  • 7. © Koen Van Loo What is a Cyber Insurance? Cyber-insurance is an insurance product used to protect businesses and individual users from Internet-based risks, and more generally from risks relating to information technology infrastructure and activities. 7
  • 8. © Koen Van Loo What is Cyber crime? 8 Business Disruption and Misuse Online Scams Theft and Fraud DDOS Phishing Identity Theft Malware Spear Phishing Theft from Business Software Piracy Pharming IP Theft Espionage Spoofing Customer Data Theft Extortion Purchase Fraud Fiscal Fraud https://www.be.capgemini.com/resource-file-access/resource/pdf/Using_Insurance_to_Mitigate_Cybercrime_Risk.pdf
  • 9. © Koen Van Loo Quote 9 Traditional insurance is based on sometimes hundreds of years of historical data. They can look back, see where the losses came from, and they price accordingly. ... The (cyber) market is still very, very juvenile. Garrett Droege a cyberinsurance leader
  • 10. © Koen Van Loo Prevention vs Protection 10
  • 11. © Koen Van Loo Quote Now into its third major phase of development, cyber insurance is no replacement for robust IT security. However, it has an important role to play as part of a holistic risk management strategy, creating a second line of defense to mitigate cyber incidents. Cyber insurance continues to evolve 11
  • 12. © Koen Van Loo Quote Mandatory data breach notification regulations are in part a driver for Cyber Liability Insurance Cover as the costs of notifying affected users can be extremely high. 12
  • 13. © Koen Van Loo Cyber and professional indemnity insurance 13
  • 14. © Koen Van Loo Who’s buying? 14
  • 15. © Koen Van Loo Why no disaster recovery plan? Haven't thought about it A data disaster could not happen Withstand disaster without financial loss The perception that disaster plans are too costly to implement (Results from a Carbonite study) 15https://www.flickr.com/photos/2top/9571794304
  • 16. © Koen Van Loo Questions to ask • What security controls can you put into place that will reduce the premium? • What assistance is provided to improve information governance and information security? • What and how big a difference to your future premiums will a claim make? • The security / protection industry is very fast changing, how can the insurance ensure that your policy is current? • Are malicious acts by employees covered? • Although ignorance of the law is no excuse, we are just not able to keep up with all the compliance issues that may affect all the territories our company works in, would you refuse a claim if you were processing data that may contravene laws in one country but not another – because insurance policies often stipulate that you must not be breaking the law? • What about the limitations? • Could you claim if you were not able to detect an intrusion until several months or years have elapsed, so you are outside the period of the cover, (as with the Red October malware which was discovered after about five years)? • ... 16
  • 17. © Koen Van Loo Cybersecurity Assesment https://www.flickr.com/photos/acousticskyy/4395455002 17
  • 18. © Koen Van Loo Thank you! And stay secure... 18

Notas do Editor

  1. If you haven’t done an audit or self assessment on how cyber secure your company is, be sure to do a Google search for Cybersecurity Assessment. There are lots of good assesment onlines. They give you a good overview of the maturity level of your company on cybersecurity. That overview is a good basis to start your search for a fitting cybersecurity insurance.