90 likes | 281 Views
Non Physical Business Interruption. Malcolm Randles, Underwriter, Kiln Syndicate 510. 01 February 2011. Severity/Probability Matrix. Information Warfare. Cyber Terrorism. Cyber Crime. Financial Loss. Malicious Hacking. Vandalism. Experimentation. Event Probability.
E N D
Non Physical Business Interruption Malcolm Randles, Underwriter, Kiln Syndicate 510 01 February 2011
Severity/Probability Matrix Information Warfare Cyber Terrorism Cyber Crime Financial Loss Malicious Hacking Vandalism Experimentation Event Probability Network Security Threats
First Party Technology/Network Risks • Direct physical loss - property policy • Extortion • Direct non-physical damage • Software failures • Operational mistakes • Malicious Code (viruses) • Denial of Service • Vandalism/Malicious Acts • Terrorism • Contingent Business Interruption • Upstream/downstream - suppliers, chief customers • Co-dependency on Other Vendors Infrastructure (BPO and IT)
Cyber First Party Coverages Data/Electronic Information Loss • Covers the cost of recollecting or retrieving data destroyed, • damaged or corrupted due to a computer attack Business Interruption or Network Failure Expenses • Covers cost of lost net revenue and extra expense arising from a computer attack and other human-related perils. Especially valuable for computer networks with high availability needs. Cyber-extortion • Covers both the cost of investigation and the extortion demand amount related a threat to commit a computer attack, implant a virus, etc.
Key Kiln Differentiators • Coverage includes administrative or operational mistakes as defined and aspects of accidental damage or destruction, not just computer attacks • No small internal indemnity limits per hour • No sub-limit for virus exposure • Outsourcing/offshoring risks – contingent business interruption and data damage – full policy limits • Ability to endorse agreed amount for BI/EE with peak season adjustment (for example, retailers) and asset value of data
Key Kiln Differentiators • Minimum 4 hour waiting period, 10% coinsurance • Reimbursement for employee working time to replace, restore or recreate electronic data (endorsement on predefined billable hrs) • Expanded coverage and limits for Special Expenses - $500,000 or 25% of loss, whichever is greater. Within special expenses, sublimits for $250,000 Customer Notification Expenses and $250,000 Public Relations Expenses • Rogue employee coverage for computer attacks • No “shortcomings in security” or similar exclusions – “computer system is protected by security practices and system maintenance procedures that are equal to or superior to those disclosed in the proposal [application]”
Key Industry Groups • Financial services • Health care • Hospitality/Travel • Retail • Technology/Telecom • Media Services • Manufacturers
Summary • Threat is real. • High value class actions and regulatory enforcements • Tailored products • Balance of intangible v tangible is changing • It’s a board room/D&O issue – network availability and digital assets are critical to infrastructure and revenues. • Many clients think they have coverage under traditional policies or purchased first generation cyber products with major limitations.