|
|
|
|
|
BUSINESS DRIVERS
|
Protect Bottom Line
Protect Business Reputation
- Availability of services is crucial
Regulatory Requirements
- Turnbull report: places a duty on Public Company Directors to identify, manage and mitigate all business risks and take an informed opinion on risk transfer
- Data Protection Legislation places an obligation on companies to ensure that their IT systems are secure enough to protect against breaches of confidentiality and to ensure the integrity and availability of data
- The Electronic Communications Act.
- E-Commerce Directive
- Regulation of Investigating Powers Act
Due diligence for customers, suppliers and partners
|
|
|
|
|
RISK AWARENESS
|
Liability to Third Parties
Protect Business Reputation
- Liability due to email or website content:
- Breaching intellectual property rights
- Breaching privacy rights.
- Defaming
- Liability due to downtime
- Liability due to forwarding or creating a virus
- Employee claims for breach of privacy
- Employee claims for an inappropriate work place (eg emails with sexual content)
First Party losses
- Computer system damage due to a virus or hacking attack.
- Loss of revenue (business interruption) due to a virus or hacking attack
- Cyber extortion
- Cyber fraud
- Employee fraud
- Loss of reputation
- Intellectual property right enforcement costs
|
|
|
|
|
RISK MANAGEMENT
|
IT Defences
Protect Business Reputation
- Anti-virus software
- Firewalls
- Intrusion Detection Systems
- Encryption.
- Back-ups.
- Content filtering
Note: Most of these defences (eg anti-virus software) are reactive and therefore, by their very nature, cannot be 100% effective
Policies and Procedures
- IT security policy
- Employee internet and email use policy
- Back-up creation, testing and off-site storage.
- Disaster recovery plan
- BS7799 accreditation
- The application of firewall, anti-virus and other software patches.
Note: All policies and procedures rely on human beings, and therefore, by their very nature, cannot be 100% effective.
|
|
|
|
|
RISK TRANSFER
|
Traditional insurance
Protect Business Reputation
- Only protects tangible assets
- Excludes cyber risks
Note: Most of these defences (eg anti-virus software) are reactive and therefore, by their very nature, cannot be 100% effective
Esurance™
- Esurance™ is a comprehensive cyber insurance policy available in the market
- Esurance™ is also highly accessible. In the vast majority of cases, our simple, 6-page proposal form provides us with enough underwriting information, and your client will not need to undergo any IT security audit.
- Esurance™ is an award-winning product that has been approved by BIBA as the cyber insurance product of choice for their members.
CFC Underwriting Ltd is authorised and regulated by the Financial Services Authority
|
|
|
|
<< Back
|
|
|
|
|
|
