Cyber Insurance: What is your bank doing to manage risk? - abais · 2018-10-31
TRANSCRIPT
aba.com 1-800-BANKERS
Cyber Insurance: What is your bank doing to manage risk?
Presented by David Kitchen and Lisa Micciche
Today’s Agenda
• Claims Statistics
• Common Types of Cyber Attacks
• Typical Costs Incurred to Respond to an Incident
• Prevention and Remediation Tips
• We will not cover:
– Overview of notification laws (US State, HIPAA, GDPR, etc.)
– Communication strategies
– Regulatory notifications and investigations
2017 Cyber Claims: Reported Claims by Industry
• Financial Sector: 18%
• Professional Sector: 18%
• Retail/Wholesale: 12%
• Manufacturing: 10%
• Business Services: 10%
• Other: 8%
• Energy & Transportation: 8%
• Media & Technology: 8%
• Public Entity & Non-Profit: 5%
• Hospitality: 5%
Source: AIG Cyber Claims Study 2018
2017 Cyber Claims: Reported Claims by Type, Across Industries
• Extortion: 29%
• Data Breach: 19%
• Security Failures: 15%
• Impersonation Fraud: 9%
• Other: 8%
• Virus Infection (Non-Ransomware): 8%
• Physical Loss of Assets: 6%
• Regulatory Issues: 4%
• Denial of Service Attack: 2%
Source: AIG Cyber Claims Study 2018
2017 Cyber Claims: Community Banks
Reported Claims by Type
• ADA: 37%
• Intellectual Property: 23%
• Impersonation Fraud: 14%
• Data / System Breach: 13%
• Physical Data Loss: 8%
• Phishing: 3%
• Ransomware: 2%
Claims Losses by Type
• Impersonation Fraud: 51%
• Data / System Breach: 35%
• Ransomware: 7%
• ADA: 6%
• Intellectual Property: 1%
Top 3 Security Risks
• Remote access ability
• Weak password requirements
• Lack of education (phishing)
What happened?
Industries Affected (figure not reproduced in the transcript; source: BakerHostetler Data Security Incident Response Report 2018)
Data at Risk (figure not reproduced in the transcript; source: BakerHostetler Data Security Incident Response Report 2018)
Timeline: Incident Response Trends (figure not reproduced in the transcript; source: BakerHostetler Data Security Incident Response Report 2018)
Overall (figure not reproduced in the transcript; source: BakerHostetler Data Security Incident Response Report 2018)
W-2 and Business Email Compromise
• Scammers use emails from a target organization’s CEO, asking HR
and accounting personnel for employee W-2 information.
• Scammers last year also phished online payroll management
account credentials used by corporate HR professionals.
Business Email Compromise Examples
Version 1: “Bogus Invoice,” “Supplier Swindle,” and “Invoice Modification”
A business with a long-standing relationship with a supplier is asked to wire funds for an invoice payment
to an alternate, fraudulent account. If the request arrives by e-mail, the fraudster spoofs it so that it
appears to come from a legitimate account, and it takes close scrutiny to determine that it is fraudulent. If it
arrives by fax or phone call, it mimics a legitimate request.
Version 2: “CEO Fraud,” “Business Executive Scam,” “Masquerading,” and
“Financial Industry Wire Frauds”
Email accounts of business executives (CFO, CTO, etc.) are compromised. The account may be
spoofed or hacked. A request for a wire transfer from the compromised account is made to a second
employee who is normally responsible for processing these requests. In some instances, a request for a
wire transfer from the compromised account is sent directly to the financial institution with instructions to
urgently send funds to bank “X” for reason “Y.”
Version 3
An employee has his/her personal e-mail hacked. Requests for invoice payments to fraudster-controlled
bank accounts are sent from the employee’s personal e-mail to vendors identified from the contact list.
The business may not become aware of the fraudulent requests until they are contacted by the vendors
to follow up on the status of their invoice payment.
Account Takeovers
Phishing Statistics
Threat Vector Tactics: The Most Used Email Lures
Source: 2016 Proofpoint “The Human Factor”
Ransomware on the Rise
• On April 29, 2016, the FBI issued a warning that
ransomware attacks are on the rise.
• Cyber-criminals collected $209 million in the first three
months of 2016 by extorting businesses and institutions
to unlock computer servers.
• Hollywood Presbyterian Medical Center paid 40 bitcoins
(about $17,000) to hackers who were holding its
computer network hostage.
Ransomware is here to stay
• Critical reliance on technology
• New iterations affect mobile and IoT devices
• Low entry cost for cybercriminals
• Business-oriented ransomware models are:
– Developing new strains
– Engaging in customer service
– Data mining
A Simplified View of a Data Breach
Phases: Discovery of a Data Breach → Evaluation of the Data Breach → Managing the Short-Term Crisis → Handling the Long-Term Consequences
• Discovery: theft, loss, or unauthorized disclosure of PHI, PII, PCI
• Evaluation: forensic investigation and legal review
• Short-term crisis and long-term consequences: notification and credit monitoring; class-action lawsuits; regulatory fines, penalties, and consumer redress; public relations; reputational damage; income loss
Responding to Security Incidents is Costly
Source: BakerHostetler Data Security Incident Response Report 2018
Be “Compromise Ready”
• Threat information gathering
• Technology – preventative & detective
• Personnel – awareness & training
• Security assessments
– Understand where assets and sensitive data are located
– Implement reasonable safeguards
– Increase detection capabilities
• Vendor management
• Incident response plan and tabletop exercises
• Insurance
• Ongoing diligence and oversight
Incident Response Trends
1. Increase awareness of cybersecurity issues
2. Identify and implement basic security measures
3. Create a forensics plan
4. Build business continuity into your incident response plan
5. Manage your vendors
6. Combat ransomware
7. Purchase the right cyber insurance policy
8. Implement a strong, top-down risk management program
9. Adopt updated password guidance, and implement MFA or other risk-based authentication controls
10. Keep data secure in the cloud
11. Prepare for more regulatory inquiries
We welcome your questions at this time.
Thanks for your participation
Contact information
David Kitchen, BakerHostetler, 216-861-7060
Lisa Micciche, ABA Insurance Services, 216-220-1297