Useful summary of the threats that come with digital transformation...: The greatest cyber security challenge is simply keeping up with the rapidly evolving threat, Aon said today. The global professional services firm released its 2019 Cyber Security Risk Report, detailing the most severe cyber security threats and challenges organisations are currently facing. “The rapid enhancements and pace of technological adoption, has meant that the number of touch-points within

Two lessons here: be on alert for fraud and train your staff to be aware; use a specialist broker to get the right insurance cover that will actually pay out...: [...] News stories about cybersecurity incidents involving phishing are routine. However, just because phishing schemes are a well-known attack vector does not lessen the risk that organizations face from these schemes. The town of Farmington, Connecticut learned that lesson when city coffers lost over $2 million to

You need a specialist broker to help you understand what is, and what is not, covered by insurance...: In late January 2019, the French data protection authority, CNIL, imposed a fine of €50 million—or roughly $57 million—on Google for violations of the GDPR. The fine is the largest imposed to date under the GDPR, since it came into effect in May 2018. The Google fine highlights a couple of things: the GDPR has teeth, and regulators in the EU won’t hesitate to enforce the re

We're probably due a market correction soon...: [...] However, one reason cyber is more profitable than other lines of coverage is that the insurance industry has yet to experience a cataclysmic cyber event — one that triggers major claims payouts from a large numbers of customers, a report recently released by Lloyds suggests. “In the period 2013 to 2018, the affirmative cyber insurance direct loss ratio across the industry has averaged around 50% – i.e. half of the prem

Clarification would be good. In the short term, do Google have cover for their fine from the French?...: [...] GDPR is the EU's main data protection law, which came into force on 25 May 2018. Businesses can be fined up to €20 million or 4% of their global annual turnover, whichever is higher, for the most serious breaches of the new regime – significantly higher than the maximum penalties which were previously applicable, e.g. £500,000 in the UK. Whether or not businesses

Are you protected by insurance from bad business decisions over cyber risk? ...: [...] But it’s the details of the S.E.C. settlement that most likely proved the most troubling for the insurers. According to the S.E.C., “In late 2014, Yahoo had learned of a massive breach of its user database that resulted in the theft, unauthorized access or acquisition of hundreds of millions of its user’s personal data.” The agency further alleged that “Yahoo senior management and releva...

Most firms have cover in place for General Liability and Directors & Officers (D&O) but that probably isn't enough...: [...] High profile data breaches have spawned multiple lawsuits and have begun to impact boards, panelists said. In January, Yahoo settled a securities lawsuit stemming from two 2016 data breaches for $80 million. “Today, cyber risk is D&O risk,” said Padalino. “It’s not just an issue of…breaches against the organization and the IT department.