16- ala finance section insurance presentation (9.20.16) · 7. this summ cyber/priv informatio...
TRANSCRIPT
Risk ManagementRisk Management(it’s better than insurance)
Regan E Miller Managing DirectorRegan E. Miller, Managing DirectorWortham Insurance & Risk Management
ALA Finance Section Meeting
1
ALA Finance Section MeetingSeptember 20, 2016
1
Why not insurance?
• Insurance is the most expensive form of riskInsurance is the most expensive form of risk management
• What else can I do? ( ’ l d d i f hi !)• What else can I do? (p.s. you’re already doing some of this!)
– AcceptA id– Avoid
– Transfer
2
– Mitigate– Exploit
2
Risk Analyzed… Strategy Determined. Now What?
• Once you have determined everything thatOnce you have determined everything that can’t be transferred, avoided, mitigated or dealt with in any other waydealt with in any other way…
• Now, we procure insurance.Now, we procure insurance.
3
3
Typical Insurance Considerations
Property/Casualty Executive LinesProperty/Casualty• Property• Business Income
Executive Lines• Professional Liability• Management Liability (D&O)Business Income
• General Liability• Hired/Non‐Owned Auto
Management Liability (D&O)• Employment Practices• Crime/Social Engineering
• Workers Compensation• Pollution Liability
• Fiduciary Liability• Cyber/Privacy Liability
4
• Umbrella/Excess Liability • Key Person Life• Key Person Disability
4
Employee Benefits
• Group Health InsuranceGroup Health Insurance• Group Dental, Vision
/S• LTD/STD• Supplemental Life Insurance, Disability Insurance
5
5
Other Insurance Considerations
Business Protection Individual ProtectionBusiness Protection• Key Person Life• Key Person Disability
Individual Protection• Life Insurance• Disability InsuranceKey Person Disability
• Overhead Expense Coverage
Disability Insurance• Umbrella Coverage
• Group Personal Umbrella
6
6
Questions
illRegan E. MillerWortham Insurance & Risk Management
713‐346‐1081 DirectRegan Miller@WorthamInsurance com
7
7
This summ
Cyber/Privinformatiorecords) orbreaches cemployingrequire thaaffected pa
Coverages
Th M Pr Pr D Cy
Some of th
Cuadsepoco
Cuexancore
Cu Yo Co
se
Privacy brenot limitedperson’s se
Security brdenial of sconfidentiamedical orincludes, bthreats or or hardwapersonal in
ary is for descrip
vacy Liability adonal assets. Anr sensitive cliencan result from sends email wat companies tarties and prov
we would reco
hird Party SecuMedia Liability rivacy Regulatorivacy Breach Rata Recovery ayber Extortion
he 1st party expustomer notifidvertising expeecurity breachotential compromputer netwustomer Suppoxpenses, and rnd/or employeompromise or esiding on a coustomer suppoour actual costosts of specialiecurity breach.
each means a d to, a breach oeclusion, publi
reach means tservice, or the ality of non‐pur financial natubut is not limitehazards, failurre, false commnformation.
iptive purposes oL. W
ddresses first any company wnt information
m simple mistakwith unencrypttake certain acviding optional
ommend to be
urity and Privac
ory Actions Response, Custand Business In
penses that wocation expenseenses incurred, privacy breacromise of their
work operated bort and Credit elated advertisees of a securitpotential commputer netwoort and credit mts to restore, reists, investigato.
breach of confof your privacyc disclosure of
he misuse of yactual or allegublic proprietarure, or other peed to, electronre to protect agmunications, or
CYBER LIAEXECU
only and does noWortham & Son,
and third partyho maintains “n on its server hkes such as: 1)ed confidentiations in the evl credit monito
e included in th
cy Liability
tomer Notificancome Loss
ould be includees ‐ reasonable by you and apch or breach or personal infoby you or on yMonitoring Exsing expenses ty breach, privpromise of theork operated bmonitoring expe‐collect or repors, forensic au
fidentiality, infy policy, breachf a person’s pri
your computered act, error, ory corporate inersonal or confic or non‐electgainst unauthor social enginee
ABILITY INSURAUTIVE SUMMAR
ot include full ter LP for actual p
y risks associate“personally idehas a potential) a misplaced oal data to a pervent of a securioring services.
he Cyber Liabil
ation and Crisis
ed in this policye and necessarpproved by us f privacy regulrmation maintyour behalf xpenses ‐ reasoincurred by yovacy breach or eir personal infby you or on yopenses. place your datauditors or loss
fringement, or h of a person’svate informati
r network to momission, or brnformation, pefidential papertronic security orized access, uering techniqu
ANCE RY
rms and conditiopolicy wording.
ed with the Intentifiable inforl exposure to aor stolen mobilrsonal email acity breach. The
ity policy are:
s Management
y would be: ry legal expensto notify third lations that restained by you o
onable and necou and approvebreach of privformation mainour behalf.
a. adjusters reta
violation of ans right of publicion.
modify, delete, reach of duty trsonally identir records or elefailures, failuruse, disclosurees designed to
ons of the policy
ternet, e‐businmation” (inclua security breacle phone/laptoccount. Federaese actions inc
t
ses, postage exparties and/osults in the comor otherwise re
cessary legal exed by us to notvacy regulationntained by you
ined by you fo
ny right to privacity, false light,
corrupt, or deso protect the sfiable non‐pubectronic informre to protect ag or physical tho trick the user
y. Please consult
ess, networks,ding employeech. Security op/thumb driveal or State lawsclude notificati
xpenses, and rer employees ompromise or esiding on a
xpenses, postatify third partiens that results u or otherwise
or reviewing th
acy including, , intrusion upo
stroy data or asecurity and blic informatiomation. This gainst anticipateft of informatr into surrende
t John
, and e
e 2) s on to
elated f a
age es in the
e
but on a
a
n of a
ted tion, ering
Executive Summary 1st Quarter 2016
Special Update
PRESENTED BY THEProfessional Indemnity Practice
• ADA ‘Demand Letters’• Social Engineering Fraud
Plaintiff’s lawyers have been peppering website operators throughout the United States with demand letters sent on behalf of “disabled individuals” who use the internet to “facilitate their access to goods and services.” The root issue behind these letters is the Americans with Disabilities Act (ADA), a sweeping piece of civil rights legislation passed in 1990 which requires “public accommodations” to comply with general accessibilities mandates. The demand letters being sent to website operators cite how “various federal courts have concluded that businesses which offer goods and services to the public through websites are public accommodations that must comply with the general accessibility mandate of the ADA.” The demand letters claim to represent clients suffering from blindness, mobility impairments, photosensitivity and speech-related issues.
Website operators may be tempted to dismiss these demand letters as frivolous, but they are official documents in the eyes of the courts. They also frequently serve as the opening salvo in litigation. Some of the demand letters sent to website operators cordially invite the recipients to contact the law office to explore “a cost effective and pragmatic approach to resolving these issues” within 14 days—thereby avoiding the “immediate filing of a lawsuit.”
Cyber Liability policies may not offer protection.
Many insureds are protected by a cyber liability policy which may include a media liability insuring clause or a standalone media liability policy. These policies are intended to respond to website media content issues. The cyber liability policies may also have an insuring clause that addresses privacy regulations. State and federal statutes and regulations regarding security and privacy of consumer information as well as consumer protection laws would fall under privacy regulation. The recent spate of demand letters has included some that allege deprivation of opportunity to control how a client’s information is collected, profiled, retained and used. Unfortunately, these cyber liability and/or media liability policies typically contain exclusionary language for “any actual or alleged discrimination of any kind including but not limited to age, color, race, sex, creed, national origin, marital status, sexual preference, disability or pregnancy.” Given these exclusions, it’s not surprising that carriers are denying coverage to insureds that seek to file ADA website accessibility claims under their cyber liability policies.
Additional coverage options deserve consideration.
While coverage for claims stemming from these demand letters may be lacking under cyber liability policies, insuredsmay find they have another insurance remedy available to them. Several insurance companies have reportedly extended coverage for these types of claims under “third-party coverage” included under existing employment practices liability (EPL) policies. Third-party claims are typically defined as a written demand for monetary relief or non-monetary relief which is “brought and maintained by or on behalf of a third party against any insured for a third-party wrongful act.” Third parties are typically defined in this way: “Any natural person who is a customer, vendor, service provider or other business invitee of the insured. A third party wrongful act typically includes discrimination against a third party based upon race, color, religion, creed, age, sex, national origin, disability, pregnancy, marital status, sexual orientation or preference, or other protected status.”
Under these provisions, insurance companies can provide their EPL insureds with defense for these types of claims subject to a reservation of rights. But here’s the fine print: the third party coverage typically does not extend to that part of loss, other than the defense costs, which constitutes costs associated with providing any accommodation for persons with disabilities or which constitutes costs of compliance with any order for, grant of or agreement to provide non-monetary relief. With plaintiff’s law firms seeking various accommodations and non-monetary remedies to ensure compliance with the ADA, the potential costs of accommodation and any other costs of compliance are likely to be excluded. The good news, however, is that coverage for defense costs may be available to your company under your existing EPL policy. Remember: if a demand letter shows up in your mailbox, don’t ignore it, and make the all-important first step of reporting its receipt to your Employment Practices Liability carrier.
ADA Website Accessibility Claims
A new modern-day crime has many companies learning an expensive lesson about the importance of strong internal control procedures. The crime is commonly known as Social Engineering Fraud or Impersonation Fraud, and it all starts with a seemingly innocent “notice” from a trusted vendor, business partner or employee. The notice includes either a request to change an existing account number used for wire transfers, or a simple set of instructions from the company CFO to wire transfer funds to a bank in a foreign country (with China the leading country of choice). Acting in good faith, the employee who receives the alert typically complies with the request. Nanoseconds after issuing the “send” command, however, the funds disappear into the ethernet.
Companies that fall victim to these types of crimes typically report their social engineering fraud claims under one of two Crime insuring agreements – Computer Fraud or Funds Transfer Fraud. Given the typical exclusions in these agreements, however, coverage may not extend to these types of losses. Here are thumbnail descriptions of both:
• Computer Fraud typically involves a direct loss of money sustained from the unlawful taking of money resulting from an unauthorized entry into or deletion of data from a computer system committed by a third party.
• Funds Transfer Fraud typically centers on direct losses sustained from a third party’s fraudulent written, electronic, telegraphic, cable, teletype, or telephone instructions –purportedly issued by an organization and issued to a financial institution – directing delivery of monies from an account maintained by the organization, without such organization’s knowledge or consent.
Some insurance companies have denied social engineering crime claims under both of these insuring agreements. The top three justifications cited are :• Payment instructions were received via email – even from “fraudulent” sources – and emails are considered
“authorized entries” into a computer system• Funds were transferred with an organization’s knowledge and consent, rather than “behind someone’s back in
the dead of night.”• Language in the company’s crime policy excludes losses arising out of any employee acting on the insured’s
authority being induced by a dishonest act to “voluntarily” part with money or securities.
Carriers recognize that coverage for social engineering fraud involves many shades of gray, and they have begun offering targeted coverage available via endorsement. Many domestic carriers are now sublimiting the coverage they offer to $250,000 or less (with higher limits considered on a case-by-case basis). Some of these carriers are building into the endorsement itself very specific internal control language that must be followed by the insured. And of course, supplemental applications are standard as part of the underwriting process.
believes sublimits may not provide sufficient protection for larger insureds, and we have developed an exclusive facility in Lloyds of London to provide our clients with more robust limits – up to $100 million, if needed – to cover Social Engineering Fraud. The manuscripted policy from Lloyds expands coverage in many other areas as well, and it may merit an in-depth review by your risk management team.
Given the “popularity” of these types of crime, all companies should take advantage of their next renewal cycle to respond to the growing challenges and seek options for either:• A specific grant of coverage with a sublimit of liability via endorsement from a domestic carrier; or • A full limit option via the Wortham / Lloyds of London exclusive manuscript crime form with the Social
Engineering Fraud insuring clause
If you have any questions about the recent market changes for these coverages, please consult with a Wortham broker in one of the offices cited on the back page of this special update.
Social Engineering Fraud
Professional Indemnity & Surety PracticeFounded in 1915, Wortham Insurance & Risk Management has remained a private limited partnership. Today, we are one of the leading independent insurance brokers in the United States – and the largest with headquarters in Texas.
Our Unique ApproachClients come first at Wortham, where our business model is based on service rather than sales. Wortham neither owns nor maintains a financial interest in any other entity in the insurance delivery system. Independence eliminates conflicts of interest and allows us to develop liability programs that are tailored to the specific needs of our clients. We are extremely proud of the reputations our 500 insurance professionals have earned throughout the industries we serve, and many of our clients have worked with us for 15 years or more. And, of course, Wortham works only with vendors who maintain the strongest financial ratings and service levels.
A Thorough Understanding of Your GoalsWortham’s Professional Indemnity & Surety Practice operates as an extension of a risk management team. Our practice is headquartered in Houston and supports teams of skilled specialists in each Wortham office: Austin, Dallas, Fort Worth and San Antonio. Maintaining one of the largest practices in the state, our professionals have extensive underwriting backgrounds and collectively offer more than 200 years of experience. All told, our group handles more than $125 million of Professional Indemnity and Surety business annually. Our secret to success is simple: we work to thoroughly understand the business and goals of our clients, and we use our talent and expertise to design highly specialized programs to effectively manage risks.
Wide Range of ExperienceWortham has extensive experience in serving a wide range of clients in every industry across Texas and the United States, from Fortune 100 firms to the smallest not-for-profits. Our specialists are directly involved in serving clients’ Professional Indemnity & Surety coverages, including:
• Directors & Officers Liability for public companies, private companies, partnerships, not-for-profit companies and law firms.
• Professional Indemnity (Errors & Omissions) for lawyers, financial institutions, real estate, medical professionals, architect/engineers, owners/contractors, accountants, and other professionals.
• Cyber Liability is one of our other specialties which include Employment Practices Liability, Fiduciary Liability, Crime/Fidelity and ERISA Bonds, Kidnap/Ransom & Extortion, and Surety Bonds.
Seasoned Experts. Comprehensive Solutions.
Wortham, L.L.C., General partnerJohn L. Wortham & Son, L.P.
Visit our website at www.worthaminsurance.com
or call the Wortham Specialists
nearest you.
Houston 713.526.3366Austin 512.453.0031Dallas 214.740.6000Fort Worth 817.336.3030San Antonio 210.223.9171
RISK EXPOSURE SURVEY
Please complete the questionnaire below (Use additional pages as needed). Yes No
1. Are there any new acquisitions, changes, or deletions to the Named Insured, Corporations, Partnerships, Limited Partnerships, or Joint Ventures?
If so, please describe:
2. Have you engaged in any new activity, operations, or foreign ventures or travel? (i.e. operations or products acquired sold or discontinued?)
If so, please describe:
3. Have you purchased, leased, sublet, acquired or assumed responsibility for any buildings or business personal property, computer equipment, signs, improvements, betterments vacant land, or fine art during the past year that we have not been made aware of? Are you interested in Flood coverage for all locations?
If so, please describe:
4. Are you planning any new construction, improvements, betterments or installations? If so, please describe:
5. Have you acquired machinery or equipment that is critical to your business? If so, please describe:
6. Are you concerned about loss of business income in the event of loss of your critical assets including equipment, buildings, or even key employees? (i.e. after a disaster)
If so, please describe:
7. Does any property that you own or are responsible for leave your premises? If so, please describe:
8. Do you have any independent contractors or subcontractors under your direction that are not covered by their own worker’s compensation and general Liability policies?
If so, please describe:
9. Have you or do you plan to perform any activity near or on water, near a railroad, on watercraft, on aircraft at any time?
If so, please describe:
10. Are you interested in discussing insurance protection for allegations of discrimination, harassment, directors & officer’s liability, ERISA liability, or employment practices?
If so, please describe:
RISK EXPOSURE SURVEY
Please complete the questionnaire below (Use additional pages as needed). Yes No 11. Have there been any changes to your vehicles or trailers in the past year we have not
been made aware of?
If so, please attach an updated vehicle (including trailers) and driver list.
12. Do you retain any confidential data or information that could be at risk if your system was hacked or breached?
If so, please describe:
13. Do you make recommendations, give advice, or transact business as a professional in your field?
If so, please describe:
14. Your exposure to a liability loss may exceed your policy limits. Additional limits of liability may be available. Would you like more information on obtaining higher limits of liability?
If so, please describe:
15. Would you like to discuss any additional Commercial Lines coverage or your Personal, Life, and/or Health insurance needs?
If so, please describe:
16. Are you concerned about theft of your money or property by employees, or forgery by outside parties?
If so, what type of coverage?
17. Does your operation generate or store any hazardous substances or fuels? If so, please describe:
18. Has your contact information changed in the past 12 months? If so, please update information below:
Fax Number: E Mail: Completed by: Date:
DISCLAIMER This survey is not intended to be a complete list of all possible exposures to loss which are too numerous to address in a single document. This survey is designed to address the more typical exposures to loss that businesses typically face. If you have any exposures that you wish to discuss, please contact one of our professionals and we will assist you in identifying the best strategy to address your need.
PRESENTED BY THEProfessional Indemnity Practice
Executive Summary 3rd Quarter 2016
Cyber LiabilityState of the Market & Recent Trends
There is no stopping the dynamic growth of the cyber insurance market, at least for now. With estimated annual U.S. premiums up to $3.25 billion (increasing from an estimated $2.75 billion in 2015)1, capacity continues to expand and policy wordings are rapidly evolving. No longer deemed an “emerging risk” for companies, cyber risk and insurance is at the forefront of many insureds’ renewal conversations as the discussion is extending into the boardroom. While breach trends have evidenced losses beyond just compromises of Personally Identifiable Information (PII) and Personal Health Information (PHI), underwrit-ers still tend to group insureds into either low risk or high risk industries, depending on their propensity towards storing large volumes of PII or PHI data. For low risk industries the market is very soft with only a handful of
application questions required for underwrit-ing. Minimum premiums have gone as low as $1,000. For high risk industries (such as healthcare, financial institutions or retail), underwriters are drilling deeper into encryp-tion processes and evaluation of the organiza-tion’s efforts to continually improve cyber risk management. Dedicated large capacity facilities are also being introduced to multi-bil-lion dollar organizations.
As more carriers look to reinvent or introduce their forms, standardizations amongst policy structures are becoming more common. New policy features however, are consistently being introduced. Recent trends of expanded cover have included full prior acts, social engineering fraud crime extensions, theft of intangible assets, system failure, contingent
business interruption, and reputational harm cover. Underwriters are being asked to focus their policies well beyond the scope of credit card breaches and address risks such as bitcoin payments for ransomware demands.
With the expansion of cover have come certain cyber claim denial challenges in courts, where antiquated policy language was in force at the time of the claim. Relatively speaking, the number of such claim denial challenges is still low, however policyholders must be careful to ensure that policy language is up to date with the market.
Did You Know?What is a Hactivist? Otherwise known as an activist using hacking, hactivist attacks involve threat actors motivated by ideology in an effort to maximize disruption and embarrassment to their specifically targeted victims. For this reason, they may be considered as a lethal data breach scenario. Industries targeted: Information, public, financial services.
In Focus: Ransomware Attacks on the Rise
Ransomware is a computer virus that can be installed without the knowledge or intention of the user. This malware encrypts the victims’ files and blocks access to the data on the users’ computer systems. Hackers then threaten permanent encryption or deletion of that data if the requested sum of money is not paid. If the data is not backed up, the only alternative may be to pay the ransom. The intent of the criminals is not to permanently destroy the data, but rather to get a quick payment. The FBI reported it received 2,453 complaints about ransomware holdups in 2015, costing victims more than $24 million dollars2. Many believe that this number might be significantly higher, as a number of
instances may go unreported. Cyber criminals are targeting all types of businesses including hospitals, government agencies, school districts, and companies of all sizes. Ransom demands are ranging anywhere from hundreds of dollars to tens of thousands of dollars. Question: is it a good idea for companies to pay the ransom upon receiving this type of threat? Many security experts urge organiza-tions to prepare defenses against ransomware infections (employee training, anti-virus/an-ti-malware solutions, controls, etc.), as well as backup recovery strategies, to mitigate the fallout from such attacks. Even organizations who choose not to pay the ransom are faced with costs, including downtime associated with taking systems offline, restoring them, using backup systems, etc.
There are many cyber markets that offer policies extending coverage for cyber extortion. In addition, many insurance compa-nies have teams of trained breach responders set up to help clients respond to ransomware threats, as well as other cyber attacks.
2016 State of the Cyber Insurance Market
Source: Verizon 2016 Data Breach Digest
...ITEMS CAN ADD UP QUICKLY AND WILL LIKELY OUTWEIGH THE COSTS OF A CYBER LIABILITY POLICY...
“I don’t need a Cyber Liability Policy, I have a General Liability Policy”In a March 2016 ruling by the U.S. Court of Appeals for the 4th circuit (Travelers Indemnity vs. Portal Healthcare Solutions) the
court upheld that Travelers was obligated to defend PHS under their Commercial General Liability policy for a release of personal
information. The decision stemmed from a lawsuit filed against PHS for publishing private medical records to the internet.
Defense coverage was able to be found under the CGL policy as a publishing and advertising injury. While PHS did not intentionally adver-tise the information, the vague policy wording did not require that information be intention-ally advertised to be considered “published”. The 2012 – 2013 CGL policy also did not contain a “cyber” exclusion which has become the standard on today’s policies. What the decision did not include was the actual costs of the breach including but not limited to notification costs, credit monitoring, and any financial harm caused by the release of information. These items can add up quickly and will likely outweigh the costs of a cyber liability policy that is designed with these expenses in mind. When relying on a General Liability policy to cover cyber attacks, a sliver of coverage may be found, but the chances of all items being covered are extremely unlikely.
Special Update: Cyber Insurance for Energy/Critical Infrastructure Risks While the market has seen interest for these specialty products, there has been more success with removal of cyber exclusionary language either through outright deletions of exclusions or buy backs of cover, depending on the size or scope of the risk.
The brokerage community continues to press underwriters in the property, terrorism and casualty insurance markets to remove exclusionary language pertaining to cyber risk. Specialty products with capacity up to $350mm still exist for the insureds looking to buy separate or difference-in-conditions cover to address gaps for cyber risk in non-cyber insurance programs. While the market has seen interest for these specialty products, there has been more success with removal of
cyber exclusionary language either through outright deletions of exclusions or buy backs of cover, depending on the size or scope of the risk. Recently published attacks such as the Ukrainian power grid highlight evidence that these types of attacks can and will continue to threaten energy companies. For energy or critical infrastructure risks contemplating separate cyber coverage to insure financial loss (non property or bodily injury loss) stemming from a cyber attack, specialized
wordings must be negotiated with underwrit-ers as an off the shelf cyber policy may not be adequate. More domestic markets are show-ing interest in quoting cyber for this industry group and as a result, there has been a soften-ing of rates. Most frequent buyers of cyber liability insurance continue to be within the utility industry, however both midstream and upstream risks have increased their purchas-ing trends in the last twelve months.
PERCENTAGE OF CLAIMS BY REVENUE SIZE(N=160)
Nano-Revenue(< $50M)
Micro-Revenue($50M–$300M)
Small-Revenue($300M–$2B)
Mid-Revenue($2B–$10B)
Large-Revenue($10B–$100B)
Mega-Revenue(> $100B)
Unknown
18%
13%
1%
3%
28%
25%
12%
Source: NetDiligence 2015 Cyber Claims Study
Nano Organizations experienced the most cyber incidents, followed closely by Small Organizations
1 The Betterley Report – Cyber / Privacy Insurance Market Survey – 20162 Federal Bureau of Investigation 2015 Internet Crime Report
Our Unique ApproachClients come first at Wortham, where our business model is based on service rather than sales. Wortham neither owns nor maintains a financial interest in any other entity in the insurance delivery system. Independence eliminates conflicts of interest and allows us to develop liability programs that are tailored to the specific needs of our clients. We are extremely proud of the reputations our 500 insurance professionals have earned throughout the industries we serve, and many of our clients have worked with us for decades. And, of course, Wortham works only with vendors who maintain the strongest financial ratings and service levels.
Wortham’s Professional Indemnity & Surety Practice operates as an extension of a risk management team. Our practice is headquartered in Houston, TX and supports teams of skilled specialists in each Wortham office: Austin, Dallas, Fort Worth and San Antonio. Maintaining one of the largest practices in the state, our professionals have extensive underwriting backgrounds and collectively offer more than 200 years of experience. Our group handles more than $125 million of Professional Indemnity and Surety business annually. The secret to our success is simple: we work hard to thoroughly understand the business and goals of our clients, and we use our talent and expertise to design highly specialized programs to effectively manage risks.
Vast ExperienceWortham has extensive experience in serving a wide range of clients in every industry across Texas and around the globe. We service private companies, public companies, non-profit organizations, partnerships, financial institutions, and professional service firms. Our experience ranges from Fortune 100 firms to the smallest non-profits. Wortham’s specialists are directly involved in serving clients’ Professional & Surety Coverages including:
Seasoned Experts. Comprehensive Solutions.
Visit our website at
www.worthaminsurance.com
or call a Wortham
Specialist near you.
Houston 713.526.3366
Austin 512.453.0031
Dallas 214.740.6000
Fort Worth 817.336.3030
San Antonio 210.223.9171
• Directors & Officers Liability
• Professional Indemnity (Errors & Omissions)
• Cyber Liability
• Employment Practices Liability
• Fiduciary Liability
• Crime/Fidelity/ERISA Bonds
• Kidnap/Ransom & Extortion
• Surety Bonds
Founded in 1915,
Wortham Insurance &
Risk Management has
remained a private
limited partnership.
Today, we are one of the
leading independent
insurance brokers in the
United States – and the
largest with
headquarters in Texas.
Insuring the FutureSince 1915
Wortham, L.L.C., General PartnerJohn L. Wortham & Son, L.P.