crawford cyber risk services - us-global · crawford cyber risk services an end-to-end solution for...
TRANSCRIPT
Crawford Cyber Risk Services
A definitive solution for cyber-related events
CYBER-RELATED EVENTS—An Increasing Threat Companies in all industries face an increasing threat of a cyber attack and cyber-related events. The event itself and those responsible for it continue to vary in levels of threat and sophistication, but whether from a hobbyist, criminal or terrorist group, the threat is real. As cyber-related events evolve, so does cyber insurance coverage to provide protection for damage caused by human error, malicious attacks, cyber sabotage/extortion, fraud and other unauthorized access to sensitive information. Traditional liability products were originally designed to protect businesses against third-party claims for bodily injury and property damage; these types of policies are increasingly subject to exclusions as new exposures emerge.
As we understand it today, cyber exposures are largely intangible—which makes determining the cause and coverage of cyber risk a significant challenge. Whether or not you choose to purchase separate cyber liability coverage—the exposure still exists. Crawford can help you manage this difficult, evolving risk.
1995
Hobbyists
Criminals/Terrorists
First MS Wordbased virus
2001Code red
worm attacksWhite House
2005Poison Ivy trojan
takes controlof PCs
2008Koobface virus
spread via socialnetworking sites
2010Industrial controlthreat - Stuxnet
2011First Sony
Playstation®
breach
2012Heartbleed bugaffects billions
of users
2013Target retailbreached
2014Second Sony
breach
2015Substantially
heightened awarenessby Risk Managers
NAVIGATING A CHANGING DIGITAL LANDSCAPE The increasing need for cyber coverage stems not only from deliberate acts, but also from the changing landscape of the digital world. From data breaches, intentional or otherwise, to the fines incurred from such breaches, mitigation of these losses are increasingly tricky.
Loss of Personal Data/BreachData can be lost or compromised accidentally—for example, by employee negligence, loss of hardware and devices, or network process errors. It can also be lost through intentional system attacks, such as viruses/malware, deliberate staff interference, or hacking. Exposure can be controlled, in part, by taking precautionary measures—examples include: monitoring of network and email traffic, controlling data transfer via removable media and installing dynamic virus/malware protection. Organizations must also hold inhouse IT and communications teams accountable for network activity, and strictly control user and administrative privileges.
Incurred FinesSignificant fines can be incurred for loss of data or breaches allowing access to personal data, the parameters of which are interpreted in varying ways. In the European Union, it is defined as any information relating to an identified or identifiable natural person. Further, certain types of personal data are deemed “Special Categories,” as their processing would have heightened impact on an individual’s privacy. In the United Kingdom, for example, this is data revealing information such as racial/ethnic origins, health data, offenses or court proceedings. In the United States, personally identifiable information includes categories such as a person’s first name, middle initial, last name, physical address, contact information and/or financial information. Fines can also be imposed for permanent data loss related to personal data, examples include: costs to the business for notifying data subjects of the loss, purchasing third-party data recovery expertise, and staff to manually recreate lost data.
Cyber Security PlanWhile cyber risks to brand and reputation face all corporations, these risks are especially acute for publicly-traded companies. According to a recent Reuter’s article1—less than half of company boards have the necessary skills to manage the rising threat of cyber-attacks. With four of five respondents, a survey of global investors further suggested they might blacklist businesses that have been hacked.
Crawford understands the critical need for a corporation to secure all proper partners in its cyber security plan (insurance, incident manager, legal professionals, and public relations firms). This crucial element also further demonstrates to institutional and non-institutional investors that your corporation’s cyber threat is effectively managed. Crawford’s Cyber Risk Services addresses this need with the Crawford Incident Manager, an end-to-end solution for Corporations and Insurance Carriers during a cyber event.1Sinead Cruise. (Wed Apr 15, 2015). Company executives poorly placed to handle rising cyber risk: KPMG survey [Reuters.com article] Retrieved from http://www.reuters.com/article/2015/04/15/us-kpmg-cyberpoll-idUSKBN0N616F20150415
IT MEGATRENDS
MobileLandscape
The increased adoption of mobile platforms is leading to an increasing trend of targeted cybercrimes; this is particularly pertinent to the android system due to its open source nature and app distribution model.
Bring YourOwn Device
(BYOD)Revolution
As more and more personal devices are used in the corporate space, ensuring security of data becomes even more challenging. Wewill see a higher frequency of severity losses (>USD 50M).
ContinuedCloud
The increasing use of cloud solutions, particularly the public cloud and on-demand services,means that there is an increased risk of high aggregation losses (both in respect of lost data, fines and penalties and loss of revenues).
Hacker Groupsand
Hacktivism
Advanced online groups will continue to penetrate systems for political reasons or personal gain. As more success is achieved there will be further incidents. Companies that hold sensitive data will be particularly at risk.
High-ProfileData
We are seeing an increasing trend in high profile catastrophe losses through malware infection and hacking. These events result in highly complex losses which are difficult to understand and mitigate.
CybercrimeEconomy
There is a concerning trend regarding the development of cybercrime resources and services under a black economy. This means potentially anyone can have access to cutting-edge hacking tools and know-how to aid criminal activities.
1. FNOLThe FNOL call sets the tone for the entire claim experience regardless of the type of event. This is especially true during a cyber-related event when details are often vague, losses are likely complicated and the atmosphere is frenetic. As with any 24/7/365 days a year operation, staffing, training and accurate claims intake are challenging for any organization. More and more businesses are realizing the benefits of outsourcing FNOL operations to experienced specialists. Our comprehensive call center follows a regulated process to ensure that even the most complicated claims are handled in the timeliest manner with clearly set goals for each hour and with the highest expertise in cyber-related events.
CRAWFORD INCIDENT MANAGER The Crawford Incident Manager solution provides a single, end-to-end turnkey solution. Our three core services (First Notice of Loss [FNOL], Public Notifications and Forensic Accounting) are complemented by key strategic partnerships. For more than 70 years, Crawford has been establishing relationships with leading cyber industry specialists. These specialists are contracted to Crawford and available on a 24/7 basis. Each specialist has successfully completed a rigorous due diligence process to confirm their suitability for the role. From regulatory notifications to public relations, we have the capabilities to handle every aspect of a cyber-related event/incident.
As the go-to incident manager, the entire event response is seamlessly managed from FNOL to resolution, including benefits such as:
• Guaranteed crisis management response • Global capability • Single FNOL center with 200 language capability • Specially selected, trained and accredited incident managers • Contracted specialists, available 24/7 and preeminent in their fields
Our core services are:
1. FNOL2. Public Notifications3. Forensic Accounting
FNOL• 24/7/365 notification• Incident Manager appointed• First response to Insured
24 HOURS• Investigations well underway• Initial indications emerging• Immediate mitigations continuing• Regular updates to stakeholders
5 HOURS• Appoint specialists• Triage calls with stakeholders• Commence investigations• Immediate mitigations• Policy coverage reviewed• Clear action plan emerges
48 HOURS• Initial investigations concluding• Regular updates to stakeholders continuing• Policy coverage view emerging• Immediate mitigation work maturing• Clear solution plans emerging
FNOL 5HOURS
24HOURS
48HOURS
CRAWFORD CYBER RISK SERVICES
An End-to-End Solution for Corporations and Insurance Carriers Every business has the goal to prevent cyber threats—before a breach of a network or loss of data occurs—but in the event that a threat occurs, having a plan in place is vital. Crawford has the tools to help manage events effectively and minimize the impact on your business or your customer’s business. Whatever the event, however complex, wherever in the world, Crawford can have experts on the ground, on the phone, and online—instantaneously.
Our Cyber End-to-End Solution Model Crawford is the reliable resource needed to ensure that your cyber-related event is handled instantly by the proper experts.
Blue indicates services performed directly by Crawford.Gray indicates services performed directly by strategic partnerships.
CRAWFORDINCIDENTMANAGER
PublicNotifications
incl. CallCenter
RegulatoryNotifications
FirstNotification
of Loss
PublicRelations
ForensicAccounting
ITForensic
CyberExtortion
Legal
IdentityProtection
3. Forensic Accounting Services Cyber-related event claims often come with large volumes of data—amounts that can be overwhelming for most claim departments. Crawford Forensic Accounting Services (CFAS) has the resources, expertise and experience to handle large volumes of data and provide immediate assistance in developing claims mitigation and settlement strategies. CFAS offers the market a single solution to meet the financial claims needs of clients, regardless of location.
Services
• Advanced loss of profits/delayed start-up• Arbitration and litigation support• Bankers bond• Business interruption• Contingent business interruption• Credit guarantee
Benefits
• High-caliber specialist adjusters with an extremely differentiated skill set, possessing strong commercial knowledge, combined with a deep forensic insight
• Ability to work seamlessly with our full team of adjusters to provide immediate assistance in developing claims mitigation and settlement strategies
• Outcome-driven focus on fast and effective resolution, reducing claims management and legal costs• Leverages the strength of Crawford’s global footprint and organizational infrastructure• Unparalleled customer service experience
Other ServicesIT Forensic • Legal • Regulatory Notifications • Identity Protection • Public Relations • Cyber Extortion
• Fidelity guarantee• Financial liability• Fraud• Malicious product tampering and extortion• Mediation support
2. Public Notifications Whether a cyber-related event affects one or a million customers, an efficient scalable solution is the best way to protect brand integrity and restore confidence, whether insurance coverage is available or not. Social media enables a cyber-related event to get quickly out of hand. The ability to access the right resources to respond to a cyber-related event is a unique ability of Crawford. Our goal is to be an extension of our clients’ customer relations/legal department and provide scalable resources to match the size of the communications needed to respond to customers.
• Customer intake services• Event cause investigation• Individual claim investigation and resolution• Subrogation demand preparation and support services• Loss funding, check issuance and data services• Local contact and legislative landscape• Report capabilities
Customer Intake Services – Our web intake service captures the nature of the inquiry directly from the customer. We then have the ability to respond directly to the customer complaint via automated email response, live Help Desk and proactive outreach services. These services can be provided on an overflow or primary basis depending on the needs of the client.
Event Cause Investigation – We can work with our client and third parties to determine: 1) the source of issue, 2) location and timeframe when customer was affected, 3) pool of potential claimants and 4) likely impact on customers.
Individual Claim Investigation and Resolution – We enable our clients to work in a positive environment for the customer impacted by an event. We will work to confirm claim details and if valid, reimburse claimants for reasonable costs or damages resulting from the event. Any claims that cannot be confirmed as valid will be denied.
Subrogation Demand Preparation and Support Services – Should the event source be a third party, we can assist our client with preparing a demand package to recover payments and expenses as an additional support service.
Loss Funding, Check Issuance and Data Services – We can provide administrative support for an event by providing check issuance services from an account funded by our clients. Additionally, we can provide our standard claim data file for the event that can be consolidated into our clients’ RMIS system as needed.
Local Contact and Legislative Landscape – Due to its global nature, cyber-related events can affect all companies in all markets. Crawford Cyber Risk Services provides solutions through an expansive global network serving clients in more than 70 countries.
Report Capabilities – We can provide and deploy reporting systems that are as simple or as complex as you need. From a simple report on cyber-related events—that can be analyzed at the data field level—to more complex reports that provide detailed costs and analytics, Crawford’s Risk Management Information System offers different levels of applications giving you unprecedented levels of customization.
LOSS MANAGEMENT AND TECHNICALCLAIM ADJUSTING—GTS™ Cyber Risk GroupFor major insurance claim events, the risk and insurance community needs a team of experts with experience and industry focus to evaluate and assess damages under extreme conditions. Crawford GTS® has the largest, most experienced team of strategic loss managers and technical adjusters in the world. We cover virtually every industry and every geographical region. With more nominated senior technical adjusters than any other independent adjusting resource, we have relationships spanning the insurance industry and with many corporations in the Fortune® 1000. Our teams are run by senior insurance professionals who bring skills much broader than claims adjusting. We marshal every resource to minimize the inevitable disruption of business as usual. Our technical adjusting staff function as strategic loss managers, and we offer the security and confidence that every aspect of large losses will be planned, organized and executed at the highest levels of industry, technical and regulatory standards.
The Crawford GTS Cyber Risk Group has experience and expertise in claims focused on: • First-party information and communication technology equipment losses• Outsourcing information and communication technology services (e.g. cloud, web services)
including privacy policies• Data transmission, corruption, loss and recovery• Secure methods of data disposal and deletion of sensitive data• Software, software licensing and the inherent problems associated with bespoke software• Firewall failures, antivirus protection and virus transmission• Electronic and mobile commerce
CRAWFORD CYBER RISK SERVICES provides the very best expertise and with the most developed global network of specialists backed by the largest independent claim organization.
For more information on how Crawford can help you with your cyber-related event, pleasecall 404.300.1284 or email us at [email protected]
www.crawfordandcompany.com
The Crawford SolutionTM
The most comprehensive global solution for claims administration Powered by Crawford iQTM
NYSE: CRD-A, CRD-B | Crawford & Company 1001 Summit Blvd | Atlanta GA 30319 | 800-241-2541
CRAW-CYBERNOTBRO-0416-TC
GCG®
CRAWFORD,® the CRAWFORD Globe logo,® CRAWFORD & COMPANY,® THE CRAWFORD SOLUTION,TM THE CRAWFORD SOLUTION logo,TM BROADSPIRE,® the BROADSPIRE Globe logo,TM CONTRACTOR CONNECTION,® CRAWFORD CONTRACTOR CONNECTION,® CRAWFORD GLOBAL TECHNICAL SERVICES,® CRAWFORD GTS,® GLOBAL TECHNICAL SERVICES,TM GTS,TM the GTS CRAWFORD GLOBAL TECHNICAL SERVICES logo,® RISK SCIENCES GROUP® and RSG® are trademarks or registered trademarks of
Crawford & Company or its affiliates in the U.S. and/or other countries. Foreign trademark registrations may also protect these trademarks. The foregoing is a non-exhaustive list of Crawford’s trademarks and service marks.