Presented by ABA Insurance Services

The PIA Partnership Presents: Cyber 101

Fraudulent Funds Transfer

Extortion/Ransomware

Social Engineering

Business Interruption

Data Breach/Privacy

Network Security

Media Liability

Essential Information You and Your Clients Need to Know About Cyber

✓

Presented by ABA Insurance Services

David Rupnow, CPCU, RPLU

Product Manager

D: 216-220-1293 | E: drupnow@abais.com

Dave has over 25 years of experience in

underwriting and managing professional liability

insurance programs to the small-medium

business niche. With a focus on improving the

efficiency and agent experience to rate/quote/bind

insurance, he was key in the development and

implementation of ProCision®, a new, next

generation, multi-product quoting platform

available through ForAgentsOnly.com.

Lisa Micciche, CPA

Product Manager

D: 216-220-1297 | E: lmicciche@abais.com

With over 15 years of underwriting, financial

and management experience, Lisa is

responsible for product development and

modifications to existing products, as well as

sales, claims, and competitive analysis for both

the Bank and Small Business Insurance

Programs of ABA Insurance Services. She was

instrumental in the development of the Bank

Program’s cyber insurance product.

2

Presented by ABA Insurance Services

ABA Insurance Services is a managing general agency, program administrator and wholesale brokerage that

offers professional and management liability lines, financial institution bonds, surety bonds, property, and general

liability insurance to banks, small businesses and nonprofit organizations.

Presented by ABA Insurance Services

What we will cover in this webinar

▪ What is Cyber Business Interruption (CBI)?

▪ CBI Statistics

▪ Coverage Highlights

▪ Case Studies

▪ Tips for Remediation and Prevention

3

© 2018 ABA Insurance Services Inc. dba Cabins Insurance Services in CA, ABA Insurance Services of Kentucky Inc. in KY, and ABA Insurance Agency Inc. in MI. Notwithstanding any

language to the contrary, nothing contained herein constitutes nor is intended to constitute an offer, inducement, promise, or contract of any kind. All coverage descriptions and claims

examples are provided for informational and educational purposes only and are not a representation as to coverage for any particular claim and are not represented to be error free.

Coverage for any claim is determined upon the specific facts of the claim, the terms and conditions of the policy and applicable law. For details on the coverage provided by your specific

contract of insurance, please refer to your policy. Coverage is subject to underwriting guidelines and may not be available in all states. Limits may be capped for underwriting reasons. Any

links to any sites which are not originated by ABA Insurance Services Inc. (ABAIS) are provided only as a courtesy and are not intended to nor do they constitute an endorsement by

ABAIS of the linked materials. All rights reserved.

Presented by ABA Insurance Services

What is Cyber Business Interruption?

Cyber Business Interruption (CBI) is an operational business failure due to a cyber attack. This

differs from traditional business interruption because it is triggered by a non-physical event.

4

Presented by ABA Insurance Services

Traditional BI Coverage

▪ BI coverage is a time-element coverage

offered under property policies.

▪ For BI coverage to be implicated, there must

be direct physical damage by a covered

cause of loss (fire, flood, wind) that causes

an interruption of the insured’s operations.

▪ Once these conditions are met, then the

actual loss sustained is measured to

determine the loss of business income from

the interruption.

5

Traditional BI Coverage is not Sufficient

Presented by ABA Insurance Services 6

Business Interruption Stats to Consider

Presented by ABA Insurance Services 7

2012 – 2017 BI Incidents: A Look by Industry

Presented by ABA Insurance Services

▪ Covers loss of income and costs in excess of normal operating expenses required to maintain the business and restore operations.

▪ May cover dependent business interruption.

▪ Lawsuits

▪ Suppliers

▪ Incident usually triggers breach response coverage (forensics expenses, data restoration).

▪ System failure due to cover employee error is probably not covered.

8

Cyber BI Coverage Highlights

Presented by ABA Insurance Services

Additional Points to Consider

Limits and Retentions

▪ Regardless of the revenue loss, the BI sublimit caps the payout under the policy.

▪ Coverage will often include a separate BI deductible or BI waiting period, either in hours or days,

before liability will arise under the policy. If a BI loss is below the deductible or does not exceed the

waiting period, then the policy will not respond. An example of the waiting period not being met

would be if a denial-of-service lasts two hours and the waiting period is four hours.

Key Exclusions

▪ System upgrades are not covered.

▪ Utility failures are not covered.

9

Presented by ABA Insurance Services

Retailer hit by a Distributed Denial of

Services (DDoS) attack

▪ The third party service provider that hosts a

retailer’s website was hit by a DDoS attack.

The provider could not quickly resolve the

attack to its systems and the retailer’s

website was taken offline for four days while

the problem was fixed.

▪ The retailer incurred financial loss due to lost

income and reputational damage.

10

Cyber BI: Case Study 1

Presented by ABA Insurance Services

Oyster card glitch costs “Transport for

London” 250,000 pounds in one morning.

▪ The glitch was caused by software errors

relating to the implementation of a fare hike.

▪ Barriers at many underground stations were

left open allowing commuters a free ride.

▪ Around 100,000 free journeys took place in

the six hours the system was down.

11

Cyber BI: Case Study 2

Presented by ABA Insurance Services

The Internet of Things

▪ Cyber criminals used malicious code to

sabotage the automated building controls of

a meat packing plant. The code turned off the

cooling systems which, in turn, spoiled

hundreds of pounds of beef.

12

Cyber BI: Case Study 3

Presented by ABA Insurance Services

7 Tips for Prevention and Remediation

1. Maintain your security environment: use antivirus software,

ensure all firewalls and routers are secure and kept up to date.

2. Backup your data and systems.

3. Maintain your software upgrades and patches.

4. Adopt a strict password policy for your business.

5. Educate employees on good cyber hygiene.

6. Create an incident response plan.

7. Check your insurance coverage.

13

Presented by ABA Insurance Services

Questions

14

Presented by ABA Insurance Services 15

The PIA Partnership Presents: Cyber 101Available now at www.pianet.com/pia-partnership/cyber101

Join us for the next Cyber 101 webinar: Data

Breach/PrivacyTuesday, May 1, 2018 at 2:00 p.m. Eastern