Cyber Crime
What are two examples of coverages commonly included under Cyber Crime?
Computer Fraud
Funds Transfer Fraud
Social Engineering Fraud
Telecom Fraud
What exposure category typically includes extortion payments?
Direct / First Party coverage
This security practice requires users to provide two or more verification factors to gain access to a system.
What is Multi-Factor Authentication (MFA)?
What does business interruption coverage pay for?
Lost income and extra expenses during downtime
What coverage section handles initial response to a data breach?
Breach / Loss Mitigation
What key difference do you almost always see with social engineering fraud compared to breach response or ransomware?
SEF is going to have a sublimit of 100K or 250K most of the time because it is the most frequent portion of coverage triggered and the easiest for an insured to be subject to.
What type of funds are included when responding to ransomware events?
Data / extortion funds
Doing this regularly to your files and storing them offline or in a secure cloud environment is the best defense against permanent data loss.
What is backing up data?
What type of additional coverage may apply when a third party impacts operations?
Contingent
Name one type of cost included in breach response.
Public relations or notification costs
What is social engineering fraud?
Trickery or deception used to manipulate someone into transferring funds or sensitive information.
Unlike traditional theft or computer hacking where a criminal forces entry into a system, social engineering relies on human error and the exploitation of trust.
Who does the carrier pay in a ransomware claim?
Carrier pays on behalf of the insured
This process involves applying software updates to fix security vulnerabilities before hackers can exploit them.
What is patching / patch management?
Does CBI require a cyberattack at the vendor?
No, it can also be triggered by system failure
What professionals are often involved in breach response?
Legal and technical experts
What does SEF cover the loss of? What have the insured physically/digitally lost? There are 2 items specifically named in the policy.
Daily Double - what is the 3 thing you can endorse on some policies to get covered?
Money and securities.
You can get an enhanced endorsement to extend coverage to property as well.
Besides paying ransom, what other types of expert costs might be covered?
Legal and IT/forensic experts
This method converts readable data into scrambled code that can only be read with a specific decryption key.
What is encryption?
What does contingent business interruption (CBI) coverage apply to?
Loss caused by a third-party/vendor outage
What is the purpose of breach response coverage?
To manage and contain the incident and reduce damage
Social engineering is often sublimited. How can an insured increase the available limit?
Travelers will let you stack limits on SEF if you also purchase a Crime policy with them.
Endorsement or purchasing higher sublimits from the carrier
What broader coverage section does ransomware fall under when grouped with breach-related expenses?
Direct / First Party or Breach / Loss Mitigation
cybersecurity technology designed to continuously monitor and respond to threats
EDR - Endpoint Detection
What other policy component often impacts business loss claims besides limits?
Waiting periods and deductibles
If confidential information is leaked, what is the insured responsible for?
1. Notice of breach
2. Credit/Identity monitoring