At Chicago, IR Global, eosedge Legal and Lockton announced the launch of the Cyber Security and Insurance Program. For members who attended the kick-off orientation and obtained quick and easy insurance quotes, and those who have already provided feedback, we thank you! We will be in touch soon about the insurance offering, as well as introducing the new website. In the meantime, we wanted share some valuable information which we thought you’d find helpful.
There is a global and national trend toward protecting data privacy rights. Recent examples of the trend include fines levied against companies by the Federal Trade Commission (FTC) in the US, and under General Data Protection Regulation (GDPR) in Europe. Companies large and small have faced similar legal exposures arising from harms caused from the loss of data. eosedge Legal, in the Cyber Market Pulse and in other ways, has emphasized that legal exposure and brand impact are the primary risks associated with a data breach. And cyber insurance helps with addressing these costs.
A cyber insurance policy cannot protect your firm from cyber risk but it can mitigate the risk by helping to offset the costs involved with a cyber theft or cyber breach. Some of the largest exposures that firms face in our digital age are wire transfer fraud, social engineering, extortion, and data breach. Technology, social media, and internet based transactions and communications are all exposures firms have every day. Below are outlines of the different types of cyber-related risks faced by professional advisory firms in an effort to clarify terms and help you think about your own exposures.
The first type of cyber exposure is Computer Fraud and Wire Transfer Fraud. This is a loss resulting in theft of money by a non-employee utilizing a computer system or fraudulent wire transfer instructions sent directly to a financial institution without the firm’s knowledge. This coverage does not apply if the policyholder is tricked into sending the wire instructions themselves, we cover that next.
Two areas of cyber theft on the rise in recent years is Social Engineering Fraud (a.k.a. Fraudulent Impersonation Fraud) and Cyber Extorsion. Social Engineering is when theft of money occurs by a non-employee who purports to be a trusted source and successfully induces an authorized person to send wire or payment instructions resulting in the transfer of funds to the fraudulent party. Cyber Extorsion is the act of cyber-criminals demanding payment through the use of or threat of some form of malicious activity against a victim, such as data compromise or denial of service attack.
There’s one insurance product that actually has the term “Cyber” in its name, Cyber Liability insurance, which pays expenses, legal costs and liabilities arising from the theft of personally identifiable information. This differs from the two listed above, the theft here is data, not money by either an employee or a non-employee via a data breach or “hack”. A breach of customer or employee information will inevitably lead to costs associated with notifications, forensics, public relations, credit monitoring and legal services, and may result in civil legal and/or regulatory liabilities.
This is the start of regular information from IR Global and our partner eosedge Legal about cyber risk and the ways to manage it.
Douglas M. DePeppe | Cyberlaw Attorney | LLM, JD
eosedge Legal | A Cyberlaw and Services Firm
90 South Cascade Avenue, Suite 1100
Colorado Springs, CO 80903
Direct 719.357.8025 | Office 719.386.3056 | c 703.283.2349
Skype ID: doug.depeppe | www.eosedgelegal.com
My Homepage www.cyberjurist.net