Cyber & Privacy Coverage: Where losses may arise

Below are examples of where potential losses may arise:

Malicious insider

  • Growing incentive for insiders to abuse access to sensitive data for financial gain
  • Disgruntled current and former employees exploit back doors
  • Access controls and behavior monitoring are insufficient to detect insider threats

Negligent insider

  • Unwary insiders susceptible to attacks that exploit traditional security controls (e.g. spear phishing)
  • Users who fail to embrace "culture of security" will find ways to circumvent "inconvenient" security controls

Criminal hackers

  • Patience is a virtue. Tactics have evolved from "hit and run" to "infiltrate and stay." 
  • Black markets exist for all types of personal information
  • Proliferation of mobile platforms and BYOD policies creates new vectors

Hacktivists

  • Intent is to disrupt and/or embarrass a target
  • Motivations are fickle and unpredictable
  • Massive DDos attack

Cloud or third-party compromise

  • Theft of intellectual property
  • Security compromise -- loss of sensitive client data
  • Infrastructure downtime may lead to Dependent Business Interruption claim

Back to Cyber & Privacy Coverage page.