Marsh’s Cyber/Privacy Practice is focused on keeping abreast of the evolving landscape of network security and privacy risk, and advises clients on a variety of risk management and insurance solutions.
While the benefits of utilizing e-business strategies and Internet-based technologies are numerous, so are the risks. The internet and other networked operations have created exposures that were unheard of a decade ago. In addition, the wave of privacy related regulation has created an entirely new area of risk, untethered from technology; risk based solely upon the potential mishandling of confidential information.
Traditional insurance policies do not typically address cyber risks in an effective way and, in fact, internet and network exposures are increasingly subject to exclusion from these policies. Marsh’s Cyber Practice offers risk management and insurance solutions to address the complex and evolving risks that companies across all industries face in protecting information and network security. The practice developed a four step process that is designed to help a client gain a better understanding of the specific risks associated with utilizing technology and information, which includes the following components:
- Qualitative self-assessment
- Dynamic risk mapping
- Traditional benchmarking and privacy event modeling
- Coverage gap analysis
This process provides a more comprehensive appreciation of various cyber risks so that organizations can make an informed decision in determining a solution. The process also creates a virtual yardstick against which an organization can measure the efficacy of cyber insurance proposals relative to the frequency and financial severity of the risks.
Cyber and privacy risk insurance provides financial protections for information and technology related risks. “Information risks” extend beyond the risks associated with internet communications or e-commerce transactions. Losses, often arising from lost client data or unauthorized access or use of computer systems, cross every industry and every business that uses computers to communicate/ transact business.
Coverages are available for direct loss, including: loss of electronic data, business interruption and extra expenses from technology failure/system outage, liability coverage for defense expenses and damages stemming from claims. Coverage also responds to out of pocket expenses incurred by an insured to comply with privacy regulations, as well as defending the insured in a regulatory action involving a violation of a privacy regulation.