Page 10 - UZAZOO.BH964
P. 10
Network Security and Privacy
The first step in creating such a policy is defining a “breach.” that nearly every entity will suffer some type of security or privacy
Everyone understands that when criminals hack into a company’s incident at one time or another and reducing the impact of a
network that a security breach has occurred. However, a security breach is essential. Therefore, insurance underwriters focus almost
breach occurs virtually every time an employee loses a cell phone as much on the robust data breach incident response policy as all
or has a laptop stolen. A useful policy must define what a breach of the prevention measures.
is, and set forth a process designed to respond effectively to
each specific incident based on the specific circumstances of the
breach and the precise nature of the information compromised. Network Security and Privacy Insurance
Different measures are required depending on the sensitivity of
the information involved. Failure to respond promptly, effectively, Work with your client’s insurance broker to analyze property and
and in compliance with applicable laws can expose a business general liability insurance policies and determine any potential
to material liability. Furthermore, insurance underwriters assume gaps in existing coverage. Your client should consider specific
network security and privacy insurance to fill any obvious gaps. 31
Cyber Maximum Probable Loss Curve
Liability / Defense Event Expense
75M 5% of incidents > $20M
10% of incidents = $1M-20M
85% of incidents < $1M
Severity 50M
15M
10M
15M
Liability / Defense Event Expense
Source:
rvlet?documentId=tirVQewp3WujFno1EgNuTA==&system=prod (Zurich sought declaratory judgment that it has no duty to defend or indemnify Sony against class actions
relating to hacking of 100 million PlayStation customers under the primary commercial general liability and excess liability policies because, Zurich asserts, the customers’
Aon Risk Solutions | Cyber Insurance 10
