RiskProNet News

 

Check That Cyber Policies Cover Data in the Cloud

Two key messages came through loud and clear at a recent cyber liability practice group conference call, 1) cyber insurance polices should cover information stored in the cloud as well as on your premises and 2) there should be no terrorism exclusions.

Pushing information to the cloud does not necessarily make it more secure, Cyber Liability Practice Group members agreed at a recent teleconference.

FedEx, for example, is now dealing with the fact that passports, driver’s license numbers and other sensitive information about its customers was left online in a publicly available Amazon S3 bucket.

Terrorist Attacks by Cyber Hackers

Terrorism is another issue where cyber security can come into play, as the recent attack on the Olympics opening ceremony showed. Hackers shut down internet access and telecasts, grounded broadcasters’ drones and prevented spectators from printing reservations, resulting in an unusually high number of empty seats. Indications are that the hackers had the ability to do more damage than they did, but primarily wanted to make a statement.

The message for RiskProNet clients: Check terrorism policies to be sure they cover cyber attacks.

Protect W-2 Forms

With tax season approaching, phishing attacks to obtain W2 forms and the accompanying information are expected to be increasingly common. Last year more than 200 employers were affected.

“This is a good talking point for conversations with clients,” one practice group member suggested. “Be certain that information is being stored and transmitted properly both within and without the organization.”

Online Cyber Policies from RPS

Manny Cho of Risk Placement Services, Inc., joined the call to discuss an online rating system that will provide a quote on cyber insurance and issue a policy in “less than two minutes.” The product is backed by Lloyds of London and fronted by Blue Cross/Blue Shield paper, he said.

In addition to the speed of issuance, a major benefit to the policy is that there are only six questions, and they are easy to answer. The questions cover past occurrences and claims, as well as antivirus protection, outsourcing and backup data storage. There are additional questions if the client wants coverage for crime and deception.

The online policies were first offered about two years and the average premium is around $3,300. Fitch lists RPS as the top cyber carrier in the U.S. with about 20,000 policyholders from all industries.

The policies appeal primarily to clients with revenues under $20 million, although the online portal can be used for clients with up to $100 million in revenue. The typical client is a contractor or manufacturer that doesn’t want to fill out a lengthy application, but also doesn’t want to face possible costs of $15,000 to $25,000 if a security breach occurs.

The portal is now structured so that a second quote from Axis is available for clients with up to $50 million in revenue. Although Chubb also has an online placement tool, its upper revenue boundary is $10 million.

The policy can run from six to eighteen months and can be signed electronically.