Technology - Airmic

warbarnacleSecurity

Nov 5, 2013 (3 years and 8 months ago)

67 views




BACKGROUND


Hawkes Bay Holdings/Aquila Underwriting LLP



Established 2009 utilising Lloyd’s capacity:


Canopius 4444 50%


Hiscox 33 50% to May 2010, replaced with Brit 2987
50%



Worldwide capacity of GBP5,000,000/USD10,000,000



Primary or excess, direct or reinsurance





TRENDS


Media:



convergence amongst media interests to exploit the Internet and the social
networking generation


digital opportunities for content distribution, subscription income and web
page advertising


expenditure on Internet advertising outstripping traditional TV media buying



Technology:



explosive growth in web applications, bandwidth, business process
outsourcing and development of Web 2.0 or Cloud computing



Brand:


increase in value and importance of intellectual property assets and brand
recognition, aided by exploitation via digital distribution and viral marketing




PRODUCTS


Liability and first party offerings:



Media Liability


Technology PI


Cyber Liability


Unplanned Infrastructure Event


Network Security/Privacy


Brand Protection


Miscellaneous PI


Incidental General Liability


CYBER



A blended media perils, professional liability and network risk
programme aimed at information and web technology users




Cover for claims arising out of negligent acts, errors or omissions in
the provision of services, as well as coverage for “media” claims
including design rights arising out of content distributed
electronically over the internet or otherwise



Cyber liability and elements of network risk coverage are also
incorporated: business interruption, increased costs, data
restoration, data privacy, cyber extortion and crisis management
coverage



UNPLANNED INFRASTRUCTURE

EVENT



Covering business interruption, business restoration, data restoration,
cyber extortion, crisis management and privacy exposures



Triggered by malicious act, hack, denial of service attack, virus, pandemic,
system breach, administrative or operational error affecting the insured or
their business outsource partner



Cover for credit history checks and brand rehabilitation expense





DATA PRIVACY

NETWORK SECURITY



Covering the traditional third party and privacy exposures
with crisis management and public relations expenses
included for businesses that retain significant databases of
personal or sensitive information




The policy will provide defence expense coverage for
regulatory agency investigation and data breach fines



Media perils coverage is incorporated for the content of
websites or advertising liability




RISK ISSUES:



Traditional and web based content and services



Technology infrastructure


own and third party



People


innocent and malicious intent

RISK ISSUES…


Activity:



passive content advertising
products and services or
more interactive


blogs,
discussion forum


social networking and user
generated content


collection of personal
information


downloads and email


purchase of goods or
services using credit cards


linking to other sites


Issues:


media liability exposure to
claims for defamation or
infringement of copyright
or trademark in own or
other’s content


responsibilities under Data
Protection laws for security
of information


virus propagation


liability for fraudulent use
of credit card information


vicarious liability




RISK ISSUES…


Technology:


electrical supply


telecommunications


information technology
and infrastructure
functionality and security


software, data, intellectual
property


servers, PC’s, laptops, PDA


data collection, databases,
data mining


outsource service
providers



Issues:


business interruption,
increased cost of working
and extra expense


loss or theft of data and
subsequent replacement
or restoration costs


breach of security and
subsequent loss or misuse
of private or confidential
information


investigation by data
regulator


loss of PCI status


remedial credit monitoring


RISK ISSUES



Technology:


electrical supply


telecommunications


information technology
and infrastructure
functionality and security


software, data, intellectual
property


servers, PC’s, laptops, PDA


data collection, databases,
data mining


outsource service
providers



Issues:


social engineering scams


impaired functionality or
corruption of data
following targeted attacks
by hackers or disgruntled
employee


cyber extortion threats


denial of service attacks


virus infection of key
operating system


failure of OSP


security,
service levels, pandemic

RISK ISSUES



Cloud computing


internet
-
based computing,
whereby shared resources,
software and information
are provided to computers
and other devices on
demand


users no longer have need
for expertise in, or control
over, the technology
infrastructure "in the
cloud" that supports them.


over
-
the
-
Internet provision
of dynamically scalable and
often virtualized resources



Issues:


loss of control of vendor
selection


reliance on contractual
provisions


jurisdictional and
geographical exposures


cross border breach of
Data Protection legislation


IN SUMMARY:


Losses could fall into both first and third party categories, with liability and
financial implications for an organisation, including business interruption or
reputational damage



Third party risks include media liability from hosted content, as well as liability for
losses of third parties that occur due to shortcomings in the Insured's field of
responsibility. These can be caused by forwarded computer viruses, contractual
penalties due to IT failures, intellectual property and in particular, privacy
infringements after data theft. Breaches of security may leave a company liable to
fines from regulatory bodies on the back of breaches of data protection laws



First party risks are those losses and extra expense directly impacting the
organisation. These include loss of profits due to theft of intellectual property,
destruction of corporate information or data and most significantly, business
interruption due to hacker or virus attacks and software failures. This could also
include lost business as a result of sensitive corporate information being leaked to
a competitor, as well as the consequential loss of reputation or damage to brand