SlideShare una empresa de Scribd logo

Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx

Descargar como PPTX, PDF
North Texas Chapter of the ISSA
North Texas Chapter of the ISSA

ntxissacsc5

Internet
1 de 20
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 The Essentials of Cyber Insurance: A Panel of Industry Experts Patrick Florer Risk Centric Security, Inc. Co-Author: NetDiligence Cyber Claims Report & Ponemon Contributor Mark Knepshield Insurance Broker, Specializing in Cyber McGriff, Seibels & Williams John Southrey Director of Prod. Development, Specializing in Cyber Tex. Med. Liab. Trust Shawn Tuma (Moderator) Cybersecurity & Data Privacy Attorney Scheef & Stone, LLP
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 2 Patrick Florer CTO and Cofounder Risk Centric Security, Inc. • Information technologist for 38 years • Database designer/statistical analysis in evidence- based medicine for 17 years in parallel • Member, RIM Council (Responsible Information Council), Ponemon Institute, since 2009 • Distinguished Fellow, Ponemon Institute, since 2009 • Co-author and co-analyst of the 2016 & 2017 NetDiligence© Cost of Cyber Claims report (along with Heather Goodnight-Hoffmann)
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 3 Mark Knepshield Senior Vice President Financial Services Division McGriff, Seibels & Williams, Inc. • Mark specializes in cyber liability insurance placement and claim handling. • Mark assists clients on implementing strategic incident response and breach preparedness plans. • Mark’s experience includes cyber insurance claim workouts on a number of high profile breaches and as well as the expected financial impact to companies. • Mark is a frequent speaker at insurance industry and financial services related events around the country. • McGriff Seibels & Williams, Inc. is a subsidiary of BB&T Insurance Services, the 5th largest insurance brokerage house in the United States.
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 4 John Southrey, CIC, CRM Director, Product Development & Consulting Services Texas Medical Liability Trust • Over 37 years in insurance industry and is a Certified Insurance Counselor and Certified Risk Manager. • John leads the development and marketing of standalone cyber liability and technology errors & omissions liability insurance for medical-related firms and law firms at TMLT. • TMLT (Texas Medical Liability Trust) (www.tmlt.org) is the largest medical professional liability insurer in Texas. • In 2004, started with TMLT and worked in the Claims dept as claims supervisor, in the Sales department as a Sales Manager. • A prolific writer with many published works.
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Overview • Frequently used insurance terminology • Who are the key players? • Role of cyber insurance in risk mgt? • Why do companies need cyber risk insurance? • What kind of cyber risk coverage is available? • What are specific issues to look for in cyber risk insurance? • What is the process for obtaining cyber risk insurance? • How much coverage do you need? • What is the process for making a claim on your policy? • What are the most common mistakes insureds make? • What are the most common claims costs for items in a breach? • What are the most common things not covered? 5
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Frequently used insurance terminology • CGL – Commercial General Liability insurance • D&O – Directors’ and Officers’ insurance • E&O (PLI/PII) – Errors and Omissions (sometimes called Professional Liability or Professional Indemnity Insurance) • K&R – Kidnap and Ransom • ISO – the Insurance Services Office • Policy • Risk / Peril • Retention • Limits / Sub-limits • Exclusions • Re-insurance 6
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Who are the key players? • The Insured • The Broker / Agent • The Underwriter • The Actuary • The Insurer / Carrier • The ISO – the Insurance Services Office 7
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Role of cyber insurance in risk mgt. In March 2016, the Cybersecurity and Infrastructure Protection Subcommittee (part of the U.S. Department of Homeland Security) at a hearing titled “The Role of Cyber Insurance in Risk Management” noted the following: “The purpose of the hearing was to examine the potential opportunities to promote the adoption of cyber best practices and more effective management of cyber risks through cyber insurance.” https://homeland.house.gov/hearing/the-role-of-cyber-insurance-in-risk-management/ In March 2015, at a U.S. Senate hearing on “Cyber Insurance” it was also noted: “Simply engaging in the process of seeking cyber insurance coverage can assist businesses to develop the correct approach to mitigate risk. Insurance can bring all relevant stakeholders in an organization together, encouraging an enterprise-wide risk management approach.” http://www.propertycasualty360.com/2015/03/20/cyber-insurance-in-the-spotlight-senate-mulling-fe 8
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Why do companies need cyber risk insurance? • Do traditional CGL or other policies usually cover cyber risk or cyber-caused losses? • Are cyber risks usually excluded from non-cyber policies? • Do only big companies, small companies, or “tech” companies need cyber risk coverage? 9
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What kind of cyber risk coverage is available? • What kind of cyber risk coverage is available? • How expensive is this coverage? 10
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What kind of cyber risk coverage is available? First-Party Coverages: • Privacy Breach Response Costs • Network Asset Protection • Cyber Extortion & Cyber Terrorism • Cyber Crime • Reputational Harm • Corrective Action Plan Costs Third-Party Coverages: • Multimedia Liability • Security and Privacy Liability • Privacy Regulatory Defense and Fines & Penalties • PCI DSS Liability 11
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are specific issues to look for in cyber risk insurance? • Social engineering? • Computer fraud / crime language? • Contractual liability, such as indemnification agreements? • Pre-existing “issues”? 12
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What is the process for obtaining cyber risk insurance? • What is the process for obtaining cyber risk insurance? • Application / underwriting process • Should IT / infosec be involved to ensure accuracy? • Risk assessments • What do they look like? • Do they impact premiums? • Prior incidents • Do they impact premiums? • Must they be disclosed? • Latest tech tools, services, gimmicks • Do they impact premiums? 13
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 How much coverage do you need? • How much coverage does your company need? • How do you calculate your company’s risk exposure? 14
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What is the process for making a claim on your policy? • What is the process for making a claim on your policy? • Is this like the first, second, or third call you need to make after discovering an incident? • List of approved panel providers • Attorneys • Forensics • Credit product / notification logistics • Public Relations • Timeliness • Notice • Carrier may not pay for services provided without prior approval • Appoint legal counsel as breach guide • Process • Any input from the insured on who represents them? • Can this be addressed when obtaining coverage, if they have counsel they trust? 15
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common mistakes insureds make? • What are the most common mistakes you see insureds make that jeopardizes their coverage? 16
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common claims costs for items in a breach? • In an incident, what are the most common claims costs for things such as: • Forensics • Remediation • Public Relations • Notifications / Credit Product / Logistics • Legal 17
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common things not covered? • What the most common things that insureds seem to expect would be covered but, in reality, are not covered? • Warranties or exclusions in relating to the Insured’s failure to maintain the security of its computer network in accordance with industry standards or “best practices,” internal policies, and/or regulations. (These exclusions can defeat the purpose of the cyber insurance.) • No coverage for unencrypted mobile devices. • What lessons should this teach them? 18
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Questions? Patrick Florer CTO and Cofounder Risk Centric Security, Inc. 214.828.1172 (office) 214.850.8539 (cell) www.riskcentricsecurity.com Mark Knepshield Senior Vice President Financial Services Division McGriff Seibels & Williams Direct: 469-232-2126 Mobile: 303-885-5843 John Southrey Director, Product Development & Consulting Texas Medical Liability Trust P.O. Box 160140, Austin, TX 78716-0140 direct: 512-425-5976 | cell: 512-589-4543 www.tmlt.org Shawn Tuma Scheef & Stone, L.L.P. Cybersecurity & Data Privacy Attorney 2600 Network Blvd., #400, Frisco, TX 75034 Direct: 214.472.2135 | Mobile: 214.726.2808 Email: shawn.tuma@solidcounsel.com Blog: www.BusinessCyberRisk.com 19
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 20 Thank you

Recomendados

Pdf lachow anu
Pdf lachow anuPdf lachow anu
Pdf lachow anutheresa may
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?North Texas Chapter of the ISSA
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Cas cyber prez
Cas cyber prezCas cyber prez
Cas cyber prezDan Michaluk
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
How Not to Lose Your Bitcoin in 2017
How Not to Lose Your Bitcoin in 2017How Not to Lose Your Bitcoin in 2017
How Not to Lose Your Bitcoin in 2017Anil X
 
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNorth Texas Chapter of the ISSA
 

Recomendados

Pdf lachow anu
Pdf lachow anuPdf lachow anu
Pdf lachow anutheresa may
 
NTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNTXISSACSC4 - Mitigating Security Risks in Vendor Agreements
NTXISSACSC4 - Mitigating Security Risks in Vendor AgreementsNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?NTXISSACSC4 - Cyber Insurance – Did You Know?
NTXISSACSC4 - Cyber Insurance – Did You Know?North Texas Chapter of the ISSA
 
Netwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetwatcher Credit Union Tech Talk
Netwatcher Credit Union Tech TalkNetWatcher
 
Cas cyber prez
Cas cyber prezCas cyber prez
Cas cyber prezDan Michaluk
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
How Not to Lose Your Bitcoin in 2017
How Not to Lose Your Bitcoin in 2017How Not to Lose Your Bitcoin in 2017
How Not to Lose Your Bitcoin in 2017Anil X
 
NTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNTXISSACSC4 - Red, Amber, Green Status: The Human Dashboard
NTXISSACSC4 - Red, Amber, Green Status: The Human DashboardNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-VirusNTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-VirusNorth Texas Chapter of the ISSA
 
DDoS mitigation at Jisc
DDoS mitigation at JiscDDoS mitigation at Jisc
DDoS mitigation at JiscJisc
 
Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.Lastline, Inc.
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE - ATT&CKcon
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsRick van der Kleij
 
Information lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPRInformation lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPRJisc
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovEric Vanderburg
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Valdes Nzalli
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...Aggregage
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security PresentationIdeba
 
Worry free security breach - Gemalto
Worry free security breach - GemaltoWorry free security breach - Gemalto
Worry free security breach - GemaltoHarry Gunns
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the YearTripwire
 
The Privacy Illusion
The Privacy IllusionThe Privacy Illusion
The Privacy IllusionMary Aviles
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?Edge Pereira
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1North Texas Chapter of the ISSA
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNorth Texas Chapter of the ISSA
 

Más contenido relacionado

La actualidad más candente

DDoS mitigation at Jisc
DDoS mitigation at JiscDDoS mitigation at Jisc
DDoS mitigation at JiscJisc
 
Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.Lastline, Inc.
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE - ATT&CKcon
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...North Texas Chapter of the ISSA
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security InfographicIdeba
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsRick van der Kleij
 
Information lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPRInformation lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPRJisc
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovEric Vanderburg
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security EbookIdeba
 
Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Valdes Nzalli
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...Aggregage
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security PresentationIdeba
 
Worry free security breach - Gemalto
Worry free security breach - GemaltoWorry free security breach - Gemalto
Worry free security breach - GemaltoHarry Gunns
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the YearTripwire
 
The Privacy Illusion
The Privacy IllusionThe Privacy Illusion
The Privacy IllusionMary Aviles
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam ComplianceDan Michaluk
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in MindGosia Fraser
 
When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?Edge Pereira
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityKevin Duffey
 

La actualidad más candente (20)

NTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-VirusNTXISSACSC4 - The Art of Evading Anti-Virus
NTXISSACSC4 - The Art of Evading Anti-Virus
 
DDoS mitigation at Jisc
DDoS mitigation at JiscDDoS mitigation at Jisc
DDoS mitigation at Jisc
 
Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.Infosec Europe 2017 Highlights | Lastline, Inc.
Infosec Europe 2017 Highlights | Lastline, Inc.
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
 
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
NTXISSACSC3 - Fundamentals Matter - A Brief Introduction to Risk Analysis for...
 
Windstream Managed Network Security Infographic
Windstream Managed Network Security InfographicWindstream Managed Network Security Infographic
Windstream Managed Network Security Infographic
 
Towards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teamsTowards a Digital teammate to support sensemaking in Cyber Security teams
Towards a Digital teammate to support sensemaking in Cyber Security teams
 
Information lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPRInformation lifecycles: a tool for GDPR
Information lifecycles: a tool for GDPR
 
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnovCyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
CyberSecurity: Protecting Law Firms - Vanderburg - JurInnov
 
Windstream Managed Network Security Ebook
Windstream Managed Network Security EbookWindstream Managed Network Security Ebook
Windstream Managed Network Security Ebook
 
Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy Government can save millions by reforming Security Policy
Government can save millions by reforming Security Policy
 
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
How to Effectively Equip Your IG Program for the Perilous Journey Into the Fu...
 
Windstream Managed Network Security Presentation
Windstream Managed Network Security PresentationWindstream Managed Network Security Presentation
Windstream Managed Network Security Presentation
 
Worry free security breach - Gemalto
Worry free security breach - GemaltoWorry free security breach - Gemalto
Worry free security breach - Gemalto
 
2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year2017 in Review: Infosec Pros Look Back on the Year
2017 in Review: Infosec Pros Look Back on the Year
 
The Privacy Illusion
The Privacy IllusionThe Privacy Illusion
The Privacy Illusion
 
Privacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam CompliancePrivacy, Data Security and Anti-Spam Compliance
Privacy, Data Security and Anti-Spam Compliance
 
Internet of Things With Privacy in Mind
Internet of Things With Privacy in MindInternet of Things With Privacy in Mind
Internet of Things With Privacy in Mind
 
When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?When a Data Breach Happens, What's Your Plan?
When a Data Breach Happens, What's Your Plan?
 
The Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber SecurityThe Security Director's Practical Guide to Cyber Security
The Security Director's Practical Guide to Cyber Security
 

Destacado

Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1North Texas Chapter of the ISSA
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNorth Texas Chapter of the ISSA
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...North Texas Chapter of the ISSA
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNorth Texas Chapter of the ISSA
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNorth Texas Chapter of the ISSA
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNorth Texas Chapter of the ISSA
 

Destacado (16)

Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
Ntxissacsc5 yellow 2-evidence driven infosec compliance strategy-garrettp1
 
Ntxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompsonNtxissacsc5 purple 5-insider threat-_andy_thompson
Ntxissacsc5 purple 5-insider threat-_andy_thompson
 
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higginsNtxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
Ntxissacsc5 blue 7-zerotrust more effective approach to security-ed higgins
 
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghanNtxissacsc5 blue 6-securityawareness-laurianna_callaghan
Ntxissacsc5 blue 6-securityawareness-laurianna_callaghan
 
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
Ntxissacsc5 yellow 6-abusing protocols for dynamic addressing in space-jacenr...
 
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_muellerNtxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
Ntxissacsc5 blue 4-the-attack_life_cycle_erich_mueller
 
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeqNtxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
Ntxissacsc5 blue 5-holistic approach to cybersecurity-abu_sadeq
 
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using DeceptionNTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
NTXISSACSC4 - Detecting and Catching the Bad Guys Using Deception
 
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill whiteNtxissacsc5 blue 3-shifting from incident to continuous response bill white
Ntxissacsc5 blue 3-shifting from incident to continuous response bill white
 
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczulNtxissacsc5 purple 4-threat detection using machine learning-markszewczul
Ntxissacsc5 purple 4-threat detection using machine learning-markszewczul
 
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc groupNtxissacsc5 red 1 & 2 basic hacking tools ncc group
Ntxissacsc5 red 1 & 2 basic hacking tools ncc group
 
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykesNtxissacsc5 red 6-diy-pentest-lab dustin-dykes
Ntxissacsc5 red 6-diy-pentest-lab dustin-dykes
 
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florerNtxissacsc5 purple 1-eu-gdpr_patrick_florer
Ntxissacsc5 purple 1-eu-gdpr_patrick_florer
 
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowiczNtxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz
 
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersenNtxissacsc5 yellow 1-beginnerslinux bill-petersen
Ntxissacsc5 yellow 1-beginnerslinux bill-petersen
 
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomeyNtxissacsc5 blue 2-herding cats and security tools-harold_toomey
Ntxissacsc5 blue 2-herding cats and security tools-harold_toomey
 

Similar a Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx

2017 FS-ISAC Security Conference
2017 FS-ISAC Security Conference2017 FS-ISAC Security Conference
2017 FS-ISAC Security ConferenceDavid Sweigert
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...Shawn Tuma
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsShawn Tuma
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsShawn Tuma
 
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...Splunk
 
ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]TrustArc
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Joe Bartolo
 
"Evolving cybersecurity strategies" - Seizing the Opportunity
"Evolving cybersecurity strategies" - Seizing the Opportunity"Evolving cybersecurity strategies" - Seizing the Opportunity
"Evolving cybersecurity strategies" - Seizing the OpportunityDean Iacovelli
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsUlf Mattsson
 
Working Together to Build a Cyber Security Program
Working Together to Build a Cyber Security ProgramWorking Together to Build a Cyber Security Program
Working Together to Build a Cyber Security ProgramNational Retail Federation
 
Cyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpCyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpChinatu Uzuegbu
 
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP)
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP) 8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP)
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP) Evolver Inc.
 
Learning from Verizon 2017 Data Breach Investigations Report – The New Targets
Learning from Verizon 2017 Data Breach Investigations Report – The New TargetsLearning from Verizon 2017 Data Breach Investigations Report – The New Targets
Learning from Verizon 2017 Data Breach Investigations Report – The New TargetsUlf Mattsson
 
National Association for Trusted Identities in Cyberspace - Establishing Trus...
National Association for Trusted Identities in Cyberspace - Establishing Trus...National Association for Trusted Identities in Cyberspace - Establishing Trus...
National Association for Trusted Identities in Cyberspace - Establishing Trus...M2SYS Technology
 
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSRandall Chase
 
Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Kayisa Herman Dube
 
MFX Cybersecurity Services flyer
MFX Cybersecurity Services flyerMFX Cybersecurity Services flyer
MFX Cybersecurity Services flyerMFX Fairfax
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017Doug Copley
 
Insecure magazine - 51
Insecure magazine - 51Insecure magazine - 51
Insecure magazine - 51Felipe Prado
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 

Similar a Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx (20)

2017 FS-ISAC Security Conference
2017 FS-ISAC Security Conference2017 FS-ISAC Security Conference
2017 FS-ISAC Security Conference
 
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
ISSA North Texas - SecureWorld Expo Dallas - Cybersecurity Legal Issues: What...
 
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial InstitutionsCybersecurity: Cyber Risk Management for Banks & Financial Institutions
Cybersecurity: Cyber Risk Management for Banks & Financial Institutions
 
Cybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and ClientsCybersecurity: Cyber Risk Management for Lawyers and Clients
Cybersecurity: Cyber Risk Management for Lawyers and Clients
 
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
SplunkLive! Zurich 2017 - Build a Security Portfolio That Strengthens Your Se...
 
ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]ROI of Privacy: Building a Case for Investment [Webinar Slides]
ROI of Privacy: Building a Case for Investment [Webinar Slides]
 
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
Aceds 2015 Cyberseucity and the Legal Profession - NYC - April 7, 2015
 
"Evolving cybersecurity strategies" - Seizing the Opportunity
"Evolving cybersecurity strategies" - Seizing the Opportunity"Evolving cybersecurity strategies" - Seizing the Opportunity
"Evolving cybersecurity strategies" - Seizing the Opportunity
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
 
Working Together to Build a Cyber Security Program
Working Together to Build a Cyber Security ProgramWorking Together to Build a Cyber Security Program
Working Together to Build a Cyber Security Program
 
Cyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-UpCyber Security Awareness Month 2017-Wrap-Up
Cyber Security Awareness Month 2017-Wrap-Up
 
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP)
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP) 8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP)
8 Questions for 2016 Federal Cybersecurity National Action Plan (CNAP)
 
Learning from Verizon 2017 Data Breach Investigations Report – The New Targets
Learning from Verizon 2017 Data Breach Investigations Report – The New TargetsLearning from Verizon 2017 Data Breach Investigations Report – The New Targets
Learning from Verizon 2017 Data Breach Investigations Report – The New Targets
 
National Association for Trusted Identities in Cyberspace - Establishing Trus...
National Association for Trusted Identities in Cyberspace - Establishing Trus...National Association for Trusted Identities in Cyberspace - Establishing Trus...
National Association for Trusted Identities in Cyberspace - Establishing Trus...
 
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONSCybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
Cybersecurity - you are being targeted -Keyven Lewis, CMIT SOLUTIONS
 
Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016Conference on Digital Forensics & Cyber Security 2016
Conference on Digital Forensics & Cyber Security 2016
 
MFX Cybersecurity Services flyer
MFX Cybersecurity Services flyerMFX Cybersecurity Services flyer
MFX Cybersecurity Services flyer
 
What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017What it Takes to be a CISO in 2017
What it Takes to be a CISO in 2017
 
Insecure magazine - 51
Insecure magazine - 51Insecure magazine - 51
Insecure magazine - 51
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 

Más de North Texas Chapter of the ISSA

Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNorth Texas Chapter of the ISSA
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...North Texas Chapter of the ISSA
 
NTXISSACSC4 - Day in the Life of a Security Solutions Architect
NTXISSACSC4 - Day in the Life of a Security Solutions ArchitectNTXISSACSC4 - Day in the Life of a Security Solutions Architect
NTXISSACSC4 - Day in the Life of a Security Solutions ArchitectNorth Texas Chapter of the ISSA
 
NTXISSACSC4 - Hacking Performance Management, the Blue Green Game
NTXISSACSC4 - Hacking Performance Management, the Blue Green GameNTXISSACSC4 - Hacking Performance Management, the Blue Green Game
NTXISSACSC4 - Hacking Performance Management, the Blue Green GameNorth Texas Chapter of the ISSA
 

Más de North Texas Chapter of the ISSA (13)

Purple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcuttPurple seven-ntxissacsc5 walcutt
Purple seven-ntxissacsc5 walcutt
 
Ntxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cepNtxissacsc5 yellow 7 protecting the cloud with cep
Ntxissacsc5 yellow 7 protecting the cloud with cep
 
Ntxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediationNtxissacsc5 gold 4 beyond detection and prevension remediation
Ntxissacsc5 gold 4 beyond detection and prevension remediation
 
Ntxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliencyNtxissacsc5 gold 1 mimecast e mail resiliency
Ntxissacsc5 gold 1 mimecast e mail resiliency
 
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finneyNtxissacsc5 blue 1-nine cybersecurity habits-george_finney
Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney
 
NTXISSACSC4 - Security for a New World
NTXISSACSC4 - Security for a New WorldNTXISSACSC4 - Security for a New World
NTXISSACSC4 - Security for a New World
 
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...
NTXISSACSC4 - Intellectual Property Protection― Cross Roads between Ethics, I...
 
NTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan HorseNTXISSACSC4 - How Not to Build a Trojan Horse
NTXISSACSC4 - How Not to Build a Trojan Horse
 
NTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in DepthNTXISSACSC4 - Layered Security / Defense in Depth
NTXISSACSC4 - Layered Security / Defense in Depth
 
NTXISSACSC4 - World of Discovery
NTXISSACSC4 - World of DiscoveryNTXISSACSC4 - World of Discovery
NTXISSACSC4 - World of Discovery
 
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
NTXISSACSC4 - Business Geekdom: 1 = 3 = 5
 
NTXISSACSC4 - Day in the Life of a Security Solutions Architect
NTXISSACSC4 - Day in the Life of a Security Solutions ArchitectNTXISSACSC4 - Day in the Life of a Security Solutions Architect
NTXISSACSC4 - Day in the Life of a Security Solutions Architect
 
NTXISSACSC4 - Hacking Performance Management, the Blue Green Game
NTXISSACSC4 - Hacking Performance Management, the Blue Green GameNTXISSACSC4 - Hacking Performance Management, the Blue Green Game
NTXISSACSC4 - Hacking Performance Management, the Blue Green Game
 

Último

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhimiss dipika
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Lucknow
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一Fs
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作ys8omjxb
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)Christopher H Felton
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Sonam Pathan
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 

Último (20)

定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Contact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New DelhiContact Rya Baby for Call Girls New Delhi
Contact Rya Baby for Call Girls New Delhi
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Uttam Nagar Delhi 💯Call Us 🔝8264348440🔝
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja VipCall Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
Call Girls Service Adil Nagar 7001305949 Need escorts Service Pooja Vip
 
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
定制(Management毕业证书)新加坡管理大学毕业证成绩单原版一比一
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
Potsdam FH学位证,波茨坦应用技术大学毕业证书1:1制作
 
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
A Good Girl's Guide to Murder (A Good Girl's Guide to Murder, #1)
 
Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170Call Girls Near The Suryaa Hotel New Delhi 9873777170
Call Girls Near The Suryaa Hotel New Delhi 9873777170
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Rk Puram 🔝 9953056974 🔝 Delhi escort Service
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 

Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx

  • 1. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 The Essentials of Cyber Insurance: A Panel of Industry Experts Patrick Florer Risk Centric Security, Inc. Co-Author: NetDiligence Cyber Claims Report & Ponemon Contributor Mark Knepshield Insurance Broker, Specializing in Cyber McGriff, Seibels & Williams John Southrey Director of Prod. Development, Specializing in Cyber Tex. Med. Liab. Trust Shawn Tuma (Moderator) Cybersecurity & Data Privacy Attorney Scheef & Stone, LLP
  • 2. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 2 Patrick Florer CTO and Cofounder Risk Centric Security, Inc. • Information technologist for 38 years • Database designer/statistical analysis in evidence- based medicine for 17 years in parallel • Member, RIM Council (Responsible Information Council), Ponemon Institute, since 2009 • Distinguished Fellow, Ponemon Institute, since 2009 • Co-author and co-analyst of the 2016 & 2017 NetDiligence© Cost of Cyber Claims report (along with Heather Goodnight-Hoffmann)
  • 3. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 3 Mark Knepshield Senior Vice President Financial Services Division McGriff, Seibels & Williams, Inc. • Mark specializes in cyber liability insurance placement and claim handling. • Mark assists clients on implementing strategic incident response and breach preparedness plans. • Mark’s experience includes cyber insurance claim workouts on a number of high profile breaches and as well as the expected financial impact to companies. • Mark is a frequent speaker at insurance industry and financial services related events around the country. • McGriff Seibels & Williams, Inc. is a subsidiary of BB&T Insurance Services, the 5th largest insurance brokerage house in the United States.
  • 4. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Speakers 4 John Southrey, CIC, CRM Director, Product Development & Consulting Services Texas Medical Liability Trust • Over 37 years in insurance industry and is a Certified Insurance Counselor and Certified Risk Manager. • John leads the development and marketing of standalone cyber liability and technology errors & omissions liability insurance for medical-related firms and law firms at TMLT. • TMLT (Texas Medical Liability Trust) (www.tmlt.org) is the largest medical professional liability insurer in Texas. • In 2004, started with TMLT and worked in the Claims dept as claims supervisor, in the Sales department as a Sales Manager. • A prolific writer with many published works.
  • 5. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Overview • Frequently used insurance terminology • Who are the key players? • Role of cyber insurance in risk mgt? • Why do companies need cyber risk insurance? • What kind of cyber risk coverage is available? • What are specific issues to look for in cyber risk insurance? • What is the process for obtaining cyber risk insurance? • How much coverage do you need? • What is the process for making a claim on your policy? • What are the most common mistakes insureds make? • What are the most common claims costs for items in a breach? • What are the most common things not covered? 5
  • 6. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Frequently used insurance terminology • CGL – Commercial General Liability insurance • D&O – Directors’ and Officers’ insurance • E&O (PLI/PII) – Errors and Omissions (sometimes called Professional Liability or Professional Indemnity Insurance) • K&R – Kidnap and Ransom • ISO – the Insurance Services Office • Policy • Risk / Peril • Retention • Limits / Sub-limits • Exclusions • Re-insurance 6
  • 7. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Who are the key players? • The Insured • The Broker / Agent • The Underwriter • The Actuary • The Insurer / Carrier • The ISO – the Insurance Services Office 7
  • 8. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Role of cyber insurance in risk mgt. In March 2016, the Cybersecurity and Infrastructure Protection Subcommittee (part of the U.S. Department of Homeland Security) at a hearing titled “The Role of Cyber Insurance in Risk Management” noted the following: “The purpose of the hearing was to examine the potential opportunities to promote the adoption of cyber best practices and more effective management of cyber risks through cyber insurance.” https://homeland.house.gov/hearing/the-role-of-cyber-insurance-in-risk-management/ In March 2015, at a U.S. Senate hearing on “Cyber Insurance” it was also noted: “Simply engaging in the process of seeking cyber insurance coverage can assist businesses to develop the correct approach to mitigate risk. Insurance can bring all relevant stakeholders in an organization together, encouraging an enterprise-wide risk management approach.” http://www.propertycasualty360.com/2015/03/20/cyber-insurance-in-the-spotlight-senate-mulling-fe 8
  • 9. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Why do companies need cyber risk insurance? • Do traditional CGL or other policies usually cover cyber risk or cyber-caused losses? • Are cyber risks usually excluded from non-cyber policies? • Do only big companies, small companies, or “tech” companies need cyber risk coverage? 9
  • 10. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What kind of cyber risk coverage is available? • What kind of cyber risk coverage is available? • How expensive is this coverage? 10
  • 11. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What kind of cyber risk coverage is available? First-Party Coverages: • Privacy Breach Response Costs • Network Asset Protection • Cyber Extortion & Cyber Terrorism • Cyber Crime • Reputational Harm • Corrective Action Plan Costs Third-Party Coverages: • Multimedia Liability • Security and Privacy Liability • Privacy Regulatory Defense and Fines & Penalties • PCI DSS Liability 11
  • 12. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are specific issues to look for in cyber risk insurance? • Social engineering? • Computer fraud / crime language? • Contractual liability, such as indemnification agreements? • Pre-existing “issues”? 12
  • 13. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What is the process for obtaining cyber risk insurance? • What is the process for obtaining cyber risk insurance? • Application / underwriting process • Should IT / infosec be involved to ensure accuracy? • Risk assessments • What do they look like? • Do they impact premiums? • Prior incidents • Do they impact premiums? • Must they be disclosed? • Latest tech tools, services, gimmicks • Do they impact premiums? 13
  • 14. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 How much coverage do you need? • How much coverage does your company need? • How do you calculate your company’s risk exposure? 14
  • 15. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What is the process for making a claim on your policy? • What is the process for making a claim on your policy? • Is this like the first, second, or third call you need to make after discovering an incident? • List of approved panel providers • Attorneys • Forensics • Credit product / notification logistics • Public Relations • Timeliness • Notice • Carrier may not pay for services provided without prior approval • Appoint legal counsel as breach guide • Process • Any input from the insured on who represents them? • Can this be addressed when obtaining coverage, if they have counsel they trust? 15
  • 16. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common mistakes insureds make? • What are the most common mistakes you see insureds make that jeopardizes their coverage? 16
  • 17. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common claims costs for items in a breach? • In an incident, what are the most common claims costs for things such as: • Forensics • Remediation • Public Relations • Notifications / Credit Product / Logistics • Legal 17
  • 18. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 What are the most common things not covered? • What the most common things that insureds seem to expect would be covered but, in reality, are not covered? • Warranties or exclusions in relating to the Insured’s failure to maintain the security of its computer network in accordance with industry standards or “best practices,” internal policies, and/or regulations. (These exclusions can defeat the purpose of the cyber insurance.) • No coverage for unencrypted mobile devices. • What lessons should this teach them? 18
  • 19. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Questions? Patrick Florer CTO and Cofounder Risk Centric Security, Inc. 214.828.1172 (office) 214.850.8539 (cell) www.riskcentricsecurity.com Mark Knepshield Senior Vice President Financial Services Division McGriff Seibels & Williams Direct: 469-232-2126 Mobile: 303-885-5843 John Southrey Director, Product Development & Consulting Texas Medical Liability Trust P.O. Box 160140, Austin, TX 78716-0140 direct: 512-425-5976 | cell: 512-589-4543 www.tmlt.org Shawn Tuma Scheef & Stone, L.L.P. Cybersecurity & Data Privacy Attorney 2600 Network Blvd., #400, Frisco, TX 75034 Direct: 214.472.2135 | Mobile: 214.726.2808 Email: shawn.tuma@solidcounsel.com Blog: www.BusinessCyberRisk.com 19
  • 20. NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 20 Thank you