Privacy & Cyber Liability Coverage

Message from harry@marist.edu

On 10/26/2011 10:58 AM, Sturm, Neal wrote:

Hi all:

 

At FDU our University Risk Manager is in the process of evaluating and looking into purchasing Cyber Liability coverage. The following is the list of insurers that have submitted quotes to us for such Coverage.  Can you please tell us if you currently have or are considering Cyber liability coverage and if so,  at what limits, and with what insurance carrier; also, if you have had an occurrence, what was your claim experience with your carrier. I am copying Gail Lemaire our University Risk Manager on this email. If you have any specific questions of her, you can contact her directly. 

 

ACE

AXIS

Beazley

Chartis

C.N.A.

We purchased cyber liability insurance about a year ago through our normal insurance agent.  We had quotes from 3 of those firms, ACE, Beazley and Chartis, and at two different levels of coverage.  I don't remember which we actually bought(handled by the CFO's office as part of their normal insurance process), but we did end up with the greater coverage.  One of the benefits we ended up getting that I'm not sure we would have initially required, was access to a crisis response team to help assist in handling such an event.  We have not had a claim so I can't speak to that portion of your question.

/ahw

 

Thank you

 

Neal

 

	Neal M. Sturm
	Vice President & Chief Information Officer Office of Information Resources Technology
	285 Madison Avenue, Madison, NJ 07940 Mail Stop: M-DB2-01 : 973-443-8689 | : 973-443-8886 | : sturm@fdu.edu
"Fairleigh Dickinson University will never                                  ask for your password. Please do not share it with others!"

 

 

 

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.

Message from bauer.rick@gmail.com

some pass-along comments......

Watching these developments quite closely. We (individually as CompTIA, but also in conjunction with IEEE, ISACA, ISC/2, SANS, etc., The Cybersecurity Credentials Collaborative) are in discussions with these and several other large insurance companies, including insurance ratings company A.M.Best, to figure out a discounting regime for organizations who have properly certified IT professionals on board. Some discussion of professional license for IT professionals keeps coming up....not sure where this is headed. Preliminary discussions at this point, but the idea is to provide some discounting for "safe drivers" who have vendor-neutral, ISO-validate credentials that are legally admissible to validate skills in this area of IT practice.

I hope this does not violate the vendor-posting policy on the listserve; I think this ecosystem is still developing, and we are getting pulled into it as well.

Rick Bauer, former academic CIO
Chair, Cybersecurity Credentials Collaborative
Director, CompTIA

In following the responses to various listserv conversations related to Cyber Liability Insurance, our IT security folks have on ly one piece of information to add to the good advice already offered:

The insurance company will provide you with a questionnaire. (You also want to have several conversations with the insurer.)  Please fill out the questionnarie thoroughly and candidly, because the contents of your institution's responses will be vitally important.  You will want to clarify what you are doing to protect your cyber security, AND you will want to be sure to collect information, reports, and documentation on an ongoing basis that demonstrates and proves that you have been consistently executing the policies and procedures you clarified in the questionnaire.  How well you demonstrate your follow through on your policies and procedures will be excellent protection if you end up having some kind of incident.

Thanks,

Verna Lynch

vlynch@berrydunn.com

207-739-9540

www.berrydunn.com/consulting