ObJ 5 Cyber Risk Insurance Ch 11
Malware
software designed to infiltrate or damage a computer system without the user's informed consent
An insurer writing cyber risk coverage must include what as defined by TRIA.
Certified Acts of Terrorism
Identify examples of additional terms used to describe cyber risk
E-commerce, cyber liability, internet liability, cyber coverage (or insurance), cyber security
Hippa
Health Insurance Portability and Accountability Act - 1996- written to protect the privacy of health info.
infringement
Illegal or unauthorized use of someone's intellectual property
Terrorism Coverage
Pays for losses caused by certified acts of terrorism
Intellectual property liability
Provides coverage for intangible property created by individuals or corporations that is subject to protections under trade secret, copyright, or patent law; protects ideas or works from infringement
Technology errors and omissions liability
Provides coverage for liability arising from any negligent act, error, or omission relating to an insured's products or services provided to others. Example customer runs software test that crashes computer systems for week after IT consultant recommendations
Electronic media liability
Provides coverage for liability arising from the insured's electronic content. Pays for liability losses caused by negligence acts, errors, and omissions relating to the insured's EX: being sued for false advertising on Co website
Privacy Liability
Provides coverage for liability arising from unauthorized disclosure or use of the private information of others, or depending on the insuring agreement, liability arising out of an insured's failure to comply with the privacy provisions contained in laws.
Why do we not see cyber risk first party only coverages widely available as those that include third party coverage?
because first party coverage losses can be difficult to assess and quantify
What coverage does an Electronic Data Protection insuring agreement provide?
coverage for costs to recover or restore electronic data that has been altered, destroyed, deleted, or damaged
Cyber Crime insuring agreement
covers theft of money and securities and, depending on the insurer's form, intangible property; normally result from cyber attacks or computer fraud
Describe the cyber risk insurance policies typically offered by insurers
first party only coverage (property and theft), third party-only coverage (liability), or both in a combination policy format
Denial of Service attack
floods a network server or web server with thousands of false service requests to crash the network, prevents legitimate users' access to the system
Extortion
getting money by threats
GLBA
graham leach bliley act. established privacy rules and how creditors handle nonpublic information.
Fiduciary
involving trust, especially with regard to the relationship between a trustee and a beneficiary.
Network security Liability
pays for liability losses caused by security breaches to the insured's computer network, including malware
Cyber Extortion insuring agreement
provides coverage for expenses related to computer network kidnap and/or ransom events; EX: Hacker penetrates computer network & threatens to reveal specific details regarding attacks
Notification or Remediation insuring agreement
provides coverage for expenses related to crisis management during and after a cyber risk loss (typically related to a security breach) expenses include coast to notify customers and public relations campaign
Business interruption agreement
provides coverage for loss of business income, loss of contingent business income, payment of extra expenses incurred as a consequence of business interruption or suspension of the insured's computer systems