Will the Real Cyber Solution Please Stand Up? Alec Cramsie, US Group Leader for Cyber insurance - Beazley London

Stephanie Snyder Tomlinson, National Cyber Sales Leader, Aon Risk Solutions

Peter Mullen, Chief Executive Officer of Aon Captive & Insurance Management

Mike Douglas, Captive Business Development, Aon Global Risk Consulting

Tuesday March 7th 11am

Session Description

This session will address the current round up of how Cyber Liability Insurance is developing, what is and what is not happening in the cyber world, and how captives are helping move the cyber market and contribute to the coverage conversation.

We will explore the market’s response to this rapidly emerging risk category and will hear the perspectives from the Insurance Carriers, Captive Insurers and Insurance Brokers on where the market is headed.

Introductions

• Alec Cramsie – The Insurance Carrier’s View

US Group Leader for Cyber insurance - Beazley London

• Peter Mullen, Chief Executive Officer – The Captive Manager’s View

Aon Captive & Insurance Management

• Stephanie Snyder-Tomlinson, - The Insurance Broker’s View

National Cyber Practice Leader, Aon Risk Solutions

• Mike Douglas - Moderator

Captive Business Development, Aon Global Risk Consulting

The Insurance Carrier’s View

Cyber liability has exploded into the consciousness of Board rooms around the world. Demand for capacity and coverage with responsive conditions has led to a wide variety of policy forms and coverage options.

Alec Cramsie of Beazley London is the US Group Leader for Cyber insurance and will provide his insights on what coverages are currently available in the marketplace currently and what is expected for the future to meet the growing demand.

The Captive Manager’s View

In addition to the traditional markets, captives have been used to provide cover for Cyber Liability for their parent companies. This area of the market has had a modest beginning with only around 1% of all captives writing the line, but this is increasing rapidly.

Peter Mullen, Chief Executive Officer of Aon Captive & Insurance Management will discuss how captives can help move the cyber market and assist their parent companies in financing this risk in the most efficient manner.

The Insurance Broker’s View

When Aon published its biennial Global Risk Management Survey in February of 2015, Cyber liability ranked at number nine of the top ten risks on the minds of Risk Managers. In the intervening 11 months we have seen the demand for Cyber coverage skyrocket and it is expected that at the next report it will be at number one with a bullet!

Stephanie Snyder-Tomlinson is the National Sales Leader for Cyber Insurance for Aon Risk Solutions. Stephanie will provide her view of the rapid pace of Cyber market evolution and share her vision on how the market will develop, innovate and “THINK BIG” to meet buyer needs.

“Man’s Propensity to Steal

Knows No Bounds!” Professor Mike Irwin

Redbridge Technical College

Insurance and Fraud Class

October 1981

Old Breaches In The News

State of California

Department of Motor

Vehicles

Home Depot | TARGET | Neiman Marcus | ebay

SONY | | JP Morgan

Chase

| Anthem

Michaels

The Pennsylvania State University

Sands | P.F. Chang’s | Sally Beauty Supply

United States Office of Personnel Management

White Lodging | |

The New Face of Cyber….

Two days before Christmas in 2015, hackers attacked the power grid in the Ivano-Frankivsk region of Ukraine with a "virus" that had erased the programs that engineers use to monitor equipment.

For six hours, 103 cities were hit with power outages and another 186 cities were left partially in the dark because devices that route power and change voltages had been disconnected from the grid.

Dealing with Cyber Risk

It’s a Process!

First Understand the Risk

Risk Management

Senior Management

Information Security

Broker / Insurer

Legal Department

Understand the top risks to your company and communicate to management the risks that are and are not insurable. If not insurable, then identify alternative options.

Know and meet regularly with your Information Security / IT Team. Understand incidents or “near misses”.

Understand your contracts with your customers. What risks are your company assuming? What insurance are you required to maintain?

Review your risks with your insurance broker and insurer continually. Insurance coverage is negotiable.

How Does Cyber Analytics Help?

Provides guidance on the

financial impact of decisions

about Cyber risk and insurance

Gives organization-specific

advice to evaluate various

insurance program structures

Provides quantitative results and

can be used in addition to

traditional benchmarking

Helps determine the impact of

program structure on

Retained losses

Insurance recoveries

Losses in excess of

insurance coverage

Premium value

12

2016 Cyber Exposure Trends

Social Media

Network security, privacy, and social engineering

Phishing / Spear Phishing

Regulatory (Domestic and International)

IoT - The Internet of Things

Smart workplaces

Reliance on technology & increasing automation

Cloud Computing / Big Data Analytics

Increased use of outsourced service providers

Cloud provider risk oversight/security

13

What is Available?

Current Snap Shot of the Cyber Market

Global Cyber Insurance Marketplace DOMESTIC

•AIG

•Allianz •Arch

•Argo •Aspen

•AXIS •AWAC

•BCS

•Beazley

•Berkshire Hathaway •Chubb

•CNA •CV Starr

•Endurance •Nationwide

•Hartford •HCC

•Hiscox

•Ironshore

•Liberty Mutual •QBE

•RLI

•SCOR Re

•Swiss Re •Travelers

•XL- Catlin •Zurich

LONDON

•Aegis

•Allianz •ANV

•Ascent

•Aspen

•AIG Lexington

•Berkshire Hathaway

•Barbican

•Beazley

•Brit •CFC

•Chubb •HCC

•Hiscox

•Kiln

•Liberty •SCOR

•Swiss Re

•Axis

•Zurich •Munich Re

•Novae

BERMUDA (Excess only)

•AIG

•Chubb •Markel

•Argo •Aspen

•AWAC

•AXIS

•Endurance

•Iron-Starr

•XL - Catlin

•Global Indemnity

15

Ex

pe

ns

e/S

erv

ice

Se

cti

on

s

Fir

st

Part

y S

ecti

on

s

Lia

bilit

y S

ec

tio

ns

• Failure of Network Security

• Failure to Protect/ Wrongful Disclosure of Information, including employee information

• Privacy or Security related regulator investigation

• All of the above when committed by an outsourcer

• Wrongful Collection of Information (some policies)

• Media content infringement/ defamatory content

• Network-related Business Interruption

• Extra Expense

• System Failure Business Interruption (some policies)

• Dependent Business Interruption (some policies)

• Intangible Asset damage

• Crisis Management

• Breach-related Legal Advice

• Call Center

• Credit Monitoring, Identity Monitoring, ID Theft Insurance

• Cyber Extortion Payments

Defense Costs + Damages + Regulator Fines

Insured’s Loss

Expenses Paid to Vendors

Scope of Cyber Insurance Coverage

16

State of the Cyber Marketplace

Capacity is fluctuating in 2015 both domestically and abroad - While there are over 67 unique markets that can provide Professional Liability and/or Cyber capacity, with new entrants in

2015; some markets have recently reduced capacity or have pulled out all together, while others have entered or increased their capacity

- Markets exist domestically (primary and excess), the UK (primary and excess) and Bermuda (excess only) - Of the available markets, there continue to be 4-5 Tier I markets for large complex accounts

Capacity

Coverage

Retentions

Pricing

Coverage continues to expand in both breadth and limit availability for middle market accounts, but not

large accounts - Carriers continue to differentiate their offerings with new/enhanced coverage components (Goodwill Coupon, Breach

Response Services, PCI Coverage, etc.) - Breach mitigation coverages continue to expand to meet clients’ needs, including higher limits of coverage and the

availability of coverage through a tower

Stronger data is being gathered as more breaches are reported - There continues to be numerous breaches reported with additional reports tracking costs of the breaches - Policies are responding, particularly to the breach mitigation, allowing better tracking of “claims” payments - Much more focus on IT security calls and IT systems relating to Point of Sale (“POS”) systems

Retentions remain stable and varied for middle market accounts, but some material increases for

large accounts - Retentions of all levels are available in the market, but vary based on industry class, revenue and unique exposures, with

recent market pressure to increase retentions, sometimes significantly - Adjusting retentions can lead to more coverage/sublimit flexibility

Pricing continues to trend upwards - Pricing continues to rise in the wake of significant breaches, particularly in the affected industries – increases of 100% -

400% over expiring are not uncommon - Renewal premiums continue to increase even for insureds with no change in exposure profile

Claims &

Losses

Variation based on size, industry & geography, but below is general summary:

17

What is s Good Strategic Market Approach?

Placement strategy discussion

Gather underwriting information

Create coverage specifications via Priority Matrix

Insurers evaluate submission / Underwriting Meetings

Negotiation Period –

Time will depend upon size of the tower

New Program Incepts

21 days

7 days

14 - 21 days

30 - 45 days

The key to a successful go to market strategy is to differentiate our clients.

• Placement Strategy Discussion

• Submission creation

• Coverage Priority Matrix

• Underwriting meeting preparation –

• Market meeting or conference call

• Obtain worldwide market access

18

Questions from the Floor