1 / 22

Crawford & Company

Crawford & Company. CYBER & Product Liability & Professional Indemnity ‘ Everything you always wanted to know about claims ‘ Mark Vos, Head of GTS CEMEA June 2013. Version 18 June 2013. Now back to the basics + discussion of a case. What is your Cyber Risk. Many definitions. C .

dinos
Télécharger la présentation

Crawford & Company

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Crawford & Company CYBER & Product Liability & Professional Indemnity ‘Everything you always wanted to know about claims ‘ Mark Vos, Head of GTS CEMEA June 2013 Version 18 June 2013

  2. Now back to the basics + discussion of a case.

  3. What is your Cyber Risk Many definitions C

  4. How structured is your organisation ?

  5. What is Cyber Liability Many definitions C

  6. CYBER Risk definition Criminal Yearly Benefit Emerging Recurring Risk 2011: Norton  2013 USA

  7. It is another Risk, which comes back in every kind of policy likeProperty, Casualty, Construction , Marine & Transportation; without national limitations. Loss of Control and Integrity of * Hardware,* Software, * Data

  8. Product Liability Professional Indemnity Defining the product What is Cyber proof? A Dynamic Risk Encryption & log–in strategy Procurement Over-selling & Under-delivery Misperception of expectation Contract What does the client say, he wants What does the final user actually needs Technical / Functionality specification Validation Warranty & Limited Liability Fit for purpose < -- > Critical in the Business Continuity

  9. Who worries about our safety Chief Information Officer Who worries about the information storage and retrieval Days of the Business Process management data mining Chief Technology Officer Who worries about interconnectivity of systems Chief Digital Officer Who worries about total usage and management of data Big data en IP6 Data Protection Officer EU regulation 2104 applied per 2016: Data Protection Directive 95/46/EC Company > 250 staff Notify breaches to Authorities < 24 hrs

  10. Anti Virus software Fire wall N-1 Anti Virus software N N-1? Response on N-1 System patches

  11. The Contamination

  12. The Contamination

  13. Liability starts at First Partyrunning on Products (Product L + PI) Material damage ?  BI / drop of Share price Virus or hacker Down time and Business Interruption / Loss of Goodwill Regulation impact First Party Policy Requirements Internal protocols Back up USB clause Virus software clause Hardware or Data not necessarily at risk location Computer Centre Cloud (Public, Private, Hybrid) & EU Data Protection Directive 95/46/EC Spread throughout organisation Revalidation of software Master policy coverage versus local policy

  14. Will your Company be hacked? Cyber crime is larger than Narcotics. Identity theft: USA 2007 $56 Billion  2011 $ 37 Billion / 8 Million people You do not die in the Internet Drivers Money transfer/ credit card data Knowledge / espionage Competition benefits Nuisance / power / authority / war Risk factors External Crime Nuisance Internal Content leakage Espionage Rotation of staff Fraud

  15. 10 Steps to Cyber Security

  16. 10 Steps to Cyber Security 1. Secure Configuration 2. Network Security 3. Malware Protection 4. Removable Media Controls 5. Managing User Privileges 6. User Education Awareness 7. Home & Mobile Working Contractors & Consultants The World 8. Information Risk Management Regime 9. Monitoring 10. Incident Management

  17. Incident Management Can you shut down? Generally No, unless you are shut down Pre-select the appropriate companies, which can review your systems, and provide direct 24/7 support. Bring systems back in control. Make an inventory of level of First Party damage, and analyse virus in back-ups. Make an inventory of level of Third party damage, and analyse commercial and legal exposure. Report to insurers & Report to Press. Involve loss adjusters, who understand your problem.

  18. Cyber Risk team Dr Mark Hawksworth, UK Mark Vos, CEMEA, Rotterdam

  19. Crawford & Company Many countries Many languages Many specialists Many services ONE point of contact: www.crawfordandcompany.com

More Related