Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate 510 01 February...
Non Physical Business Interruption
Malcolm Randles, Underwriter, Kiln Syndicate 510
01 February 2011
2
Network Security Threats
Severity/Probability Matrix (axes: Event Probability, Financial Loss)
Information Warfare
Cyber Terrorism
Cyber Crime
Malicious Hacking
Vandalism
Experimentation
3
First Party Technology/Network Risks
Direct physical loss - property policy
Extortion
Direct non-physical damage
• Software failures
• Operational mistakes
• Malicious Code (viruses)
• Denial of Service
• Vandalism/Malicious Acts
• Terrorism
Contingent Business Interruption
• Upstream/downstream - suppliers, chief customers
• Co-dependency on Other Vendors' Infrastructure (BPO and IT)
4
Context of risk
Human Error
Disgruntled Employees/Contractors
System Failures
Cyber Terrorism
Extortion
Property Policy: Natural Disasters
5
Cyber First Party Coverages
Data/Electronic Information Loss
• Covers the cost of recollecting or retrieving data destroyed, damaged or corrupted due to a computer attack
Business Interruption or Network Failure Expenses
• Covers cost of lost net revenue and extra expense arising from a computer attack and other human-related perils. Especially valuable for computer networks with high availability needs.
Cyber-extortion
• Covers both the cost of investigation and the extortion demand amount related to a threat to commit a computer attack, implant a virus, etc.
6
Key Kiln Differentiators
Coverage includes administrative or operational mistakes as defined and aspects of accidental damage or destruction, not just computer attacks
No small internal indemnity limits per hour
No sub-limit for virus exposure
Outsourcing/offshoring risks – contingent business interruption and data damage – full policy limits
Ability to endorse agreed amount for BI/EE with peak season adjustment (for example, retailers) and asset value of data
7
Key Kiln Differentiators
Minimum 4 hour waiting period, 10% coinsurance
Reimbursement for employee working time to replace, restore or recreate electronic data (endorsement on predefined billable hrs)
Expanded coverage and limits for Special Expenses - $500,000 or 25% of loss, whichever is greater. Within special expenses, sublimits for $250,000 Customer Notification Expenses and $250,000 Public Relations Expenses
Rogue employee coverage for computer attacks
No “shortcomings in security” or similar exclusions – “computer system is protected by security practices and system maintenance procedures that are equal to or superior to those disclosed in the proposal [application]”
8
Key Industry Groups
Financial services
Health care
Hospitality/Travel
Retail
Technology/Telecom
Media Services
Manufacturers
9
Summary
Threat is real. High value class actions and regulatory enforcements
Tailored products
Balance of intangible v tangible is changing
It’s a board room/D&O issue – network availability and digital assets are critical to infrastructure and revenues.
Many clients think they have coverage under traditional policies or purchased first generation cyber products with major limitations.