Chapter 7 Flashcards
Under a commercial property broad form, a data problem is defined as what?
-Erasure, destruction, corruption, misappropriation, or misinterpretation of data
-Error in creating, amending, entering, deleting, or using data
-In ability to receive, transmit, or use data
Explain equipment breakdown insurance
-Cover property directly damaged in an accident
-Equipment increasing relies on technology, information systems, and the internet to operate, and is vulnerable to cyber attack
-Some EBI policies offer cyber coverage (some don’t), but there is no standardized coverage
Explain identity fraud coverage
-Widely available, but awareness is low
-May be offered as endorsement on habitational insurance or included as a basic coverage
-Insurers focus on prevention, restoration, and recovery services while direct losses are not covered
Explain cyber policy basics
-Claims-made basis of coverage
-Some policies have no coverage prior to a retroactive date, while others offer full prior acts coverage
-Provides two types of coverage: first-party coverages (expense driven coverages) and third-party coverages (liability coverages)
Define claims-made basis
A provision in some insurance and reinsurance contracts covering only claims made during the term of the contract
Define retroactive date
A provision in some liability policies written on a claims-made basis that prohibits claims for instance that happened prior to the stated date
Define prior acts coverage
Liability insurance coverage for claims arising from acts that occurred before the beginning of the policy period
What are some expenses under the expense coverages (first party) in a cyber policy?
Notification costs
Forensic investigation costs
Business interruption costs
Crisis management expenses
Data restoration costs
Cyber extortion costs
Regulatory proceedings costs
Explain notification costs
The cost associated with letting all of those affected by the breach know that it has occurred. This includes cost such as mailing campaign, credit monitoring, and call centres to handle questions.
Explain forensic investigation costs
The cost associated with higher professional third-party to determine where, when, and how the breach occurred. Investigative costs are often a costly part of responding to a breach.
Explain business interruption costs
The cost associated with loss income as a result of the breach during the period of restoration
Explain crisis management expenses
The cost incurred in hiring a professional team to help prevent reputational harm to the business. This can include a public relations team, a lawyer to draft a press release, and other crisis management professionals.
Explain data restoration costs
The cost to restore the network and data to the point that they were at before the event occurred. Cost can include both hardware and software replacement.
Explain cyber extortion costs
The cost to respond to a demand for compensation to stop the attacked. Most extortion demands are made in bitcoin or another cryptocurrency because is untraceable.
Explain regulatory proceedings costs
The cost associate with being called in front of a civil, administrative, or regulatory proceeding
What coverages fall under liability coverages (third party) in a cyber policy?
Network security liability
Privacy liability
Internet media liability
Explain Network security liability
This covers damages and claims expenses associated with the unauthorized access to, degradation of, or disruption to the insured net network through the use of malware, denial of service attacks, phishing, and other cyber attacks that cause loss
Explain privacy liability
This covers the unauthorized collection disclosure, use, access, destruction, or modification of personal, protected information
Explain internet media liability
This refers to liability resulting from allegations of infringement of privacy, defamation, disparagement, piracy, copyright infringement, and so on
Define sublimit
A limitation in an insurance policy on the amount of coverage available to cover a specific type of loss
What other types of coverages are available to be added to a cyber policy to be tailored to that insured
Reputational harm
Social engineering fraud
Contingent supply chain coverage
Contingent business interruption
Crime coverage
Hardware “bricking”
Define bricking
Refers to the loss of functionality of a hardware device that has been damaged beyond repair following a cyber attack
Explain the evolution of cyber coverage
-Cyber insurance is a relatively new and evolving market
-As technology changes, so do cyber exposures
-As new types of losses happen because of evolving cyber risks, cyber coverage must evolve as well
-A few insures globally have begun to offer coverage that addresses risks of equipment failure, property damage, and bodily injury from a cyber attack
Explain Internet of Things (IoT)
-Is the interconnection via the Internet of devices with embedded electronics sensors for; example smart watches, thermostats, and cars
-This interconnection allows information to be transmitted between the devices and external sources and facilitates other functions and analysis
-Because of their nature devices can also present exposure or the possibility of injury or property damage
-Devices have been designed with purpose, not security and thus are inherently vulnerable
What are common cyber insurance exclusions?
-Lost intellectual property: a work or intervention that is the result of creativity including patents, copyright, trademarks, and trade secrets
-Contractual liability
-Acts of God
-Vicarious liability
-War and terrorism
-Bodily injury
-Reputational damage
-Bodily injury and property damage
