NetDiligence Cyber Risk & Privacy Liability Forum HB Litigation Conferences presents
HB Litigation Conferences presents ® NetDiligence Cyber Risk & Privacy Liability Forum October 8-9, 2014, Le Meridien Delfina, Santa Monica Conference Chairs Anne DeVries, Safehold Special Risk Brad Gow, Endurance Bo Holland, AllClearID Josh Ladeau, Allied World Assurance John Mullen, Lewis Brisbois Bisgaard & Smith Earn CLE or CE Credits* Come early! Tuesday, Oct. 7 @ 5PM Welcome Reception!! * May not apply in all states. Check with HB CLE/CE department and your local bar rules. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 October 7, 2014 * Pre-Conference Reception * 5:00 PM October 8, 2014 * Morning Time Topic 8:30 Welcome and Opening Remarks 8:45 Claims, Claims, Claims: Claims & Loss Updates John Mullen, Lewis Brisbois • • • • Jeremy Gittler, XL Types of claims being covered Examination of costs Claims notice and claims handling NetDiligence Cyber Claims Industry Study Faculty Mark Greisiger, NetDiligence Tom Kang, ACE Jim McQuaid, AIG Kimberly Horn, Beazley 9:45 Break Out Sessions A, B A Cyber Basics • • • • • Overview of network security Basics of privacy liability Terminology e.g. PCI, DSS HITECH, DLP Basic coverage under network security and privacy policies What NOT to do when breached Rob Hammersfahr, HWR Consulting John Wurzler, OneBeacon Kevin Baughn, Safehold Mike Handler, Cozen O’Connor Robert Parisi, Marsh B Advanced Cyber Coverage Joshua Ladeau, AWAC • • • • • • • Florence Levy, JLT Specialty Critical infrastructure, cyber war and terrorism Property damage, bodily injury, network interruption Business interruption Loss ratios What if insurers pull out of market Reputational risk valuation and coverage Impact of any regulation requiring data breach coverage Matt Prevost, ACE USA Susan Shay, Swiss Re Ziad Kubursi, Philadelphia Insurance Laurie Kamaiko, Edwards Wildman 11:15 12:15 State of Litigation: Data Breach & Coverage Litigation Update Timothy Francis, Travelers • • • • • • • • Chandler Givens, Edelson LLC Review & impact of recent court decisions Reducing risk of litigation Finding settlement opportunities Class actions & zip code litigation Proving damages Identifying responsible parties Sophisticated defense strategies Court rulings on the ID Theft Restoration Act Lunch Ronald Raether, Faruki Ireland & Cox Timothy Blood, Blood Hurst & O’Reardon Tanya Forsheit, BakerHostetler Cyber Risk & Privacy Liability Forum * October 8-9, 2014 October 8, 2014 * Afternoon Time Topic Faculty 1:45 The Cloud: Insurance Aggregation, Cloud Contracts & Technology Oli Brew, Liberty International Underwriters • Vinny Sakore, ICSA Labs • • • • Loss aggregation concerns for insurers, e.g. 1 Loss, 1,000 claims Does your contract address data ownership? When cloud providers outsource to third parties Social media risks Vendor risk management Tom Turner, Bitsight Kurt Hagerman, FireHost Winston Krone, Kivu Dawn Simmons, Crum & Foster 2:45 Break Out Sessions A, B A Vendor Contracts Nick Economidis, Beazley Becky Pearson, Wells Fargo David Lewison, AmWins Jim Giszczak, McDonald Hopkins B Small Entity Cyber Liability Brian Thornton, ProWriters • • • • • • Jonathan Fairtlough, Kroll Unique vulnerabilities facing small business Coverage available to this sector Data and system recovery Business income Defense costs Third-party liability Becky Swanson, Markel Jeromy Shrum, AXIS Steven Caponi, Blank Rome LLP Zachary Scheublein, Privacy Professionals 4:15 The Breach Combat Manual – Preparation, Response, Recovery • • • • • • What to expect after a claim is noticed The challenge of no two claims being alike The role of the human element & corporate culture The players – forensics, legal, crisis management & more When you will know the extent of the damage When a breach really ends Bo Holland, AllClear ID Ozzie Fonseca, Experian Bill Hardin, Navigant Larissa Crum, Immersion Jon Neiditz, Kilpatrick Townsend Melanie Dougherty, Inform LLC 5:15 Cocktail Reception Cyber Risk & Privacy Liability Forum * October 8-9, 2014 October 9, 2014 * Morning Time Topic Faculty 8:00 Technology to Mitigate Risk: The Latest From Security Experts Brad Gow, Endurance • • • • Joseph Loomis, CyberSponse Security metrics, requirements and standards Cloud risks and best practices Mobile app risks and best practices BYOD risks and best practices Jag Baines, DOSArrest Liz Townsend, Townsend Security Summer Fowler, Carnegie Mellon University Taiye Lambo, CloudeAssurance, An eFortresses Company 9:00 A Break Out Sessions A, B Cyber Risk: The Canadian Perspective • • • Privacy and network security issues Recent legislative changes and case law Cloud computing in Canada Bobbie Goldie, ACE Professional Risk Patrick Bourk, Integro Alex Cameron, Fasken Martineau DuMoulin Adam Kardash, Osler, Hoskin & Harcourt Adam Briklyn, Professional Risk Underwriters Inc. B 9:45 A Cyber Risk: The London Perspective Sarah Stephens, Aon • • • • Graeme Newman, CFC Chris Cotterell, Safeonline Break Out Sessions A, B HealthCare • • • • • • B Today’s landscape EU Data Protection Regulation Insurability of fines by country The Snowden Effect and Safe Harbour anxiety HIPAA changes Enforcement of HITECH actions HHS Office of Civil Rights enforcement priorities Coverage healthcare entities need and cannot get Contracts – knowing who is responsible and who is passing the buck Unique aspects of underwriting healthcare risks Examining the Payment Card Industry (PCI) Adjudication Process • • • • The merchant’s responsibilities when they are at fault How fines and penalties are determined The risk of liability even for compliant merchants Limitations on a merchant’s financial responsibility Lynn Sessions, Baker Hostetler Michael Ebert, KPMG Amy Stanphill, Eisenhower Medical Center Jeremy Barnett, NAS Insurance Dave Navetta, InfoLaw Group Grayson Lenik, Nuix Marshall Heilman, Mandiant Neeraj Sahni, Willis Mark Schreiber, Edwards Wildman Cyber Risk & Privacy Liability Forum * October 8-9, 2014 October 9, 2014 * Morning Time Topic 10:30 Break 10:45 Big Data & Wrongful Collection • • • • • • • 11:30 Behavioral advertising risks and practices Specific privacy liability risks Data quality risks Regulations that increase exposure Industries most affected International information sharing risks Using Big Data to mitigate cyber risk Anatomy of a Data Breach from the Attorney General Perspective • • • • Notice requirements: Are regulators and companies on the same page? Whether and how regulators assist companies with breach response What do regulators want from companies during investigations? What can investigated companies expect? Faculty Lincoln Bandlow, Lathrop and Gage Dominque Shelton, Alston & Bird Christina Tusan, FTC Emily Tabatabai, Orrick, Herrington & Sutcliffe Alfred Saikali, Shook, Hardy & Bacon Moderator Patrice Malloy, Office of the Attorney General, Florida Ryan Kriger, Office of the Attorney General, Vermont TiTi Nyguen, Office of the Attorney General, California Lyman “Chuck” Taylor III, Office of the Attorney General, Indiana Kim D’Arruda, Office of the Attorney General, North Carolina 12:30 Adjourn REGISTER TODAY! CALL 484.324.2755 x212 or visit http://litigationconferences.com/netdiligence-cyberprivacy-forum-west/ Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Specialization is at the core of our strategy, culture, values. Each of our specialty teams is led and staffed by experienced professionals with significant expertise in the class or line of business they service. By thoroughly understanding our clients’ business needs, we provide them with insights and targeted, sustainable solutions. We build loyalty through responsive and consistently highquality underwriting, actuarial, legal and claims services, and work with clients to manage their exposures. Our prudent capital and financial management approach provides greater stability over the long term and ample liquidity to satisfy our obligations to our clients, ratings agencies, investors and other stakeholders. With leading-edge capabilities in modeling and analytics and an industry-recognized risk management approach, Endurance’s focus on specialization enables us to more accurately evaluate and price complex risks – delivering better insight and value to our clients. Is it possible to weather the storm of a data breach while maintaining brand integrity and customer loyalty? It is. You just need an experienced data breach resolution provider to help. Experian Data Breach Resolution has managed thousands of data breaches. We’ve handled highprofile incidents for many Fortune 500 companies, government agencies, mid-size businesses, healthcare firms, universities and other organizations. Immersion is rapidly becoming a recognized leader in the cyber insurance and privacy communities for providing high-quality and cost-effective data breach response services – printing, mailing and call center. Our team includes credentialed privacy professionals who understand the legal ramifications and intricacies surrounding a data breach. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors XL Group provides cyber insurance to protect businesses from computer network and data risks. With a highly skilled underwriting team, XL customizes both first and third party coverage, including business interruption, privacy notification, credit monitoring and crisis management expenses, and offers breach response and pre breach solutions to companies across all industries. XL Group plc’s insurance companies offer property, casualty, professional and specialty insurance products globally Whether it is a dependence on mobile devices or sophisticated networks that connect corporations around the world, technology is a significant part of everyone’s life. This makes protecting sensitive information an issue for every organization. ACE recognizes that a compromise of data can bring irreparable damage to any organization’s reputation, business and balance sheet. We understand these risks and have developed a comprehensive risk management insurance program for privacy and network security risks. A breach of confidential employee data, medical data, customer information (such as credit card data) or confidential client information can be catastrophic. AXIS PRO® PrivaSure™ is specifically designed to protect businesses from the cost of claims and other loss resulting from a breach in data security. AXIS PRO® PrivaSure™ Breach Response is designed to protect an enterprise from the costs of lawsuits and other expenses resulting from a breach of data security. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors AllClear ID is the price, service, and product leader in the data breach response industry. We partner with cyber insurers and attorneys to provide unique solutions that save money and effectively cover data breach events. Our innovative, proactive approach to breach response offers significant cost savings compared to a standard response, while providing better protection to victims. AllClear ID is known for our excellent customer service, patented technology, and innovative identity protection services. Corona Underwriters’ various office locations and individual brokers are available to provide the expertise you need when looking for a particular solution to a client’s risk. Whether you need information on environmental coverages, healthcare needs, property risks, professional liability solutions, transportation risks or any other type of coverage, our experts can help. Not sure where to start? You can peruse the products listed below, or find an office near you. Know a broker you would like to work with? Select our Brokers tab, add the last name to the search engine and we’ll tell you how to contact that broker. Beazley’s Information Security and Privacy Insurance provides a variety of industry-leading coverages for emerging data security and privacy exposures facing companies today. Privacy Liability: Coverage for theft of personally identifiable non-public information in computer data and hard copy form and liability arising from failure to comply with state breach-notice laws; and Coverage for failure to comply with the insured’s privacy policies. Computer Information Security: Third party coverage in response to unauthorized access, theft of or destruction of data, denial of service attacks and virus transmission involving the insured’s computer systems resulting from computer security breaches. Plus: Electronic Media Liability coverage and first-party coverage for losses from network security breaches. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Our team includes ACFE, CISSP, CIPP, and CHPC-certified subject matter experts who are passionate about and experienced in creating positive outcomes for our clients. We study HIPAA/HITECH compliance and security; we know data forensics and work with cyber insurance policies. ID Experts was born out of a passion for privacy, and a desire to create a better experience for data breach victims. We’re proud of our 100% success rate in restoring the identities of victims to pre-theft status. As active advocates for and contributors to legislation that improves the privacy of Americans, we have participated in the Health Information Technology for Economic and Clinical Health (HITECH) Act, helped develop the ID Theft Victims’ Bill of Rights, and served as a founding board member of the Patient Privacy Network (PPN) and the Medical Identity Fraud Alliance (MIFA). In today’s environment, a data breach is the perfect storm. It destroys customer loyalty, ruins corporate reputations, absorbs employee time and scarce resources, and opens the door to regulatory actions and law suits. In the face of constant external and internal threats, only careful planning and an aggressive response can prevent an incident from turning into a corporate disaster. Kivu Consulting’s professionals work with organizations to effectively prevent or mitigate data breaches. Our teams combine expertise in incident response, unparalleled organizational skills, and legal knowledge of the compliance issues. As an investigative firm, our experts evaluate the human behavior that lead to a breach, and use traditional investigative methods including witness interviews, research, and liaising with law enforcement. We have investigated and acted upon data breaches in hospitals, universities, financial institutions, and publicly traded companies throughout the United States. Our team members are certified experts in incident response and computer forensics including GIAC GCIH, CISA, CISSP, and EnCE. We are experienced in all current and legacy server operating systems including Windows NT/ 2000/ 2003/ 2008, Solaris, Red Hat/ Debian/ SUSE Linux, Novell Netware, Cisco IOS, and Mac OS Server. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Faruki Ireland & Cox P.L.L. is an experienced, national complex business litigation trial practice. The pace of business and personal interactions in the 21st Century is extraordinary. Technology and information combine to create, expand and enhance opportunities and relationships for our current and future clients every moment. In this complicated business environment, FI&C provides clients with innovative thinking, good judgment and hard work, to assist in resolving disputes large and small, near and far. Attention to detail and understanding that clients demand responsiveness, reliability, candor and cost effectiveness are leading contributors to the successful results we achieve for clients. Now a Verisk Analytics Company, ISO has been a leading source of information about property/casualty insurance risk since 1971. For a broad spectrum of commercial and personal lines of insurance, we provide: statistical, actuarial, underwriting, and claims information, policy language, information about specific locations, fraud-identification tools and technical services. To serve our clients, we draw upon our vast experience in data management and our expertise in predictive modeling. We analyze data and present information in formats our customers can use. And we develop practical tools that integrate into our customers’ workflow.In the United States and around the world, our products help customers protect people, property, and financial assets. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Lewis Brisbois’ Privacy & Data Breach Practice exists to help clients answer the question, what do we do when a privacy or data breach is suspected or known to have occurred? We provide legal services designed to assist clients navigate the complex patchwork of federal, state and foreign law, including disclosure and notification requirements, while working closely with a client’s management team, the client’s in-house and outside cyber-security experts, law enforcement and government regulators. When necessary, we are well equipped to defend litigation, including multi-district national consumer class action litigation. Where appropriate we also appreciate the need to work with crisis management consultants to accomplish accurate and timely public reporting to assure customers and investors Hiscox is a leading specialist insurer with roots dating back to 1901. For more than 40 years, Hiscox has provided insurance to US businesses through Lloyd’s of London, and since 2006, we have expanded our local presence in the US and have staff in five regional offices. Our diverse portfolio includes executive risk, professional liability, property and specialty insurance products, like Terrorism and Kidnap & Ransom. We are not hampered by convention. Our underwriting and claims teams provide flexible solutions designed to meet the needs of our insureds. At Hiscox we seek to provide the best protection and peace of mind for our insureds. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors American International Group, Inc. (AIG) is a leading international insurance organization serving customers in more than 130 countries. AIG companies serve commercial, institutional, and individual customers through one of the most extensive worldwide property-casualty networks of any insurer. In addition, AIG companies are leading providers of life insurance and retirement services in the United States. AIG common stock is listed on the New York Stock Exchange and the Tokyo Stock Exchange. Additional information about AIG can be found at www.aig.com | YouTube: www.youtube.com/aig | Twitter: @AIG_LatestNews | LinkedIn: http://www.linkedin.com/company/aig Travelers CyberRisk Coverage is available for organizations of all sizes, from small businesses to Fortune 500 companies, including nonprofit organizations. Offered as a standalone policy or as part of a comprehensive suite of other management liability coverages, CyberRisk provides a combination of coverage options to help protect your business. Including access to the Travelers eRisk Hub® powered by NetDiligence® - an information portal which includes reference material, news updates and other tools that may be helpful in avoiding a breach. Data breaches pose a serious risk for identity theft, corporate reputation and monetary damage. Epiq Systems provides unmatched expertise in responding to data breach settlements. Solutions include precision mailing, dedicated contact centers, and identity and credit monitoring with the ultimate goal of identity theft victim restoration resulting in no individual damages. Where a data breach results in a negotiated settlement, we work with clients to develop legal notice plans, facilitate claims review and processing, and ensure class members receive appropriate remedies. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Edwards Wildman is an AmLaw 100 firm with 16 offices in the U.S., Europe and Asia. Our Privacy & Data Protection Group is an inter-disciplinary team of lawyers assembled to address, on a practical basis, local, national and multi-national matters related to data breaches, and privacy and data protection obligations. Our practice — and several members of our group individually — were recognized in the 2013 U.S. Legal 500 under the Media, Technology and Telecom: Data Protection and Privacy category. Our combined experience allows us to provide advice that takes into account the standards and practices of the industries in which our clients operate, as well as laws and regulations of countries on a world-wide basis. Additionally, we advise clients on the implications of cyber-attacks resulting in denial of service and breaches of confidential information other than personal information. BakerHostetler, one of the nation’s largest law firms with 14 offices coast to coast and nearly 900 lawyers, represents clients around the globe. The firm features one of the nation's largest practices in the area of data privacy and information security and is ranked with "considerable praise" in the 2013 edition of Chambers USA: America's Leading Lawyers in Business. The BakerHostetler team was identified by Chambers as being “Recommended for Client Service” and “Recommended for Commercial Awareness.” Our Team has helped clients recover from and minimize the impact of more than 600 data security incidents, including over 175 responses in the past year alone. BitSight is transforming the way organizations manage cyber risk. By following the outside-in model employed by consumer credit rating agencies, BitSight provides empirical, data-driven ratings that help insurers better understand cyber risks. BitSight Security Ratings for Cyber Insurance enables carriers, brokers and risk managers to seamlessly identify and measure the risk associated with underwriting cyber liability and monitoring the security posture of insureds. This automated service analyzes, rates, and monitors security performance, all from outside the company. With BitSight Security Ratings, insurers, brokers and risk managers can make better, faster risk decisions. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Safehold Special Risk, Inc. is a program administrator that specializes in providing customized coverage for a wide range of businesses. We have experienced professionals in a multitude of niche markets offering a diverse set of products. Through our specialty groups and divisions, Safehold offers customized insurance programs, underwriting, systems and service from professionals with experience in each unique area. Our Digital Risk division and program team specializes in providing comprehensive coverage and risk management solutions designed to mitigate risk and minimize financial loss caused by a network security or data breach event. Through our flagship products, the WebNet Protection® and WebNet SB® policies, we offer broad, modular first and third party coverage to address these evolving risks. We also partner with firms from around the country to bring first class pre- breach risk management and post-breach response services to our insureds. At Safehold Special Risk, we pride ourselves on best-in-class coverage and exceptional service. Kroll has been specializing in investigative and security services and risk mitigation counseling since 1972. Today Kroll is a global cyber first responder, having provided data breach response services to over 100 million impacted individuals, with over 30 million members enrolled in our restoration programs. McGladrey LLP is the leading U.S. provider of assurance, tax and consulting services focused on the middle market, with more than 6,700 people in 75 cities nationwide. McGladrey’s experienced Security and Privacy consulting team specializes in a number of areas including IT security testing, incident response, data breach/privacy incidents, risk assessments, and digital forensic investigations. McGladrey uses its deep understanding of the needs and aspirations of clients to help them succeed. For more information visit us at www.mcgladrey.com, like us on Facebook at McGladrey News, follow us on Twitter @McGladreyRisk and/or connect with us on LinkedIn. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors Safehold Special Risk, Inc. is a program administrator that specializes in providing customized coverage for a wide range of businesses. We have experienced professionals in a multitude of niche markets offering a diverse set of products. Through our specialty groups and divisions, Safehold offers customized insurance programs, underwriting, systems and service from professionals with experience in each unique area. Our Digital Risk division and program team specializes in providing comprehensive coverage and risk management solutions designed to mitigate risk and minimize financial loss caused by a network security or data breach event. Through our flagship products, the WebNet Protection® and WebNet SB® policies, we offer broad, modular first and third party coverage to address these evolving risks. We also partner with firms from around the country to bring first class pre- breach risk management and post-breach response services to our insureds. At Safehold Special Risk, we pride ourselves on best-in-class coverage and exceptional service. Even with the best of controls, you can’t always prevent a breach from occurring, but you can be prepared with Allied World’s Privacy//403 SRVSSM. This comprehensive product offers coverage for liability and expenses associated with the compromise of sensitive information and information systems, in the event of a data breach. Our Specified Response Vendor Solution policy form provides clients with flexible coverage options and turnkey data breach response services from top industry vendors. Learn more at http://www.alliedworldinsurance.com/privacy403/. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors CloudeAssurance SaaS platform is the industry’s first truly risk- intelligent rating, continuous education and continuous monitoring system assuring cloud service provider’s cloud security and governance, risk and compliance. CloudeAssurance is the sponsor of the quarterly independent study titled “Cloud Security Benchmark: Top 10 Cloud Service Providers”. This research data is leveraged by NetDiligence in their Cyber Risk Assessment reports delivered to Insurance underwriters and companies that are seeking Cyber Risk & Privacy Liability Insurance coverage. CloudeAssurance protects customers by measuring and assuring cloud service providers’ ability to securely deliver cloud services in accordance with industry cloud best practices, standards and regulatory compliance. Customers can know which cloud providers have the best cloud assurance score and history, a measure of cloud trust they can depend on. This platform enables safe and secure adoption of Cloud Computing! Sign up today for our 30-day free trial and download our quarterly independent study at www.CloudeAssurance.com. Navigant is a specialized global expert services firm that helps impact their clients’ ability create and protect value in the face of critical business risks and opportunities. Navigant’s Global Data Privacy & Incident Response Practice brings decades of experience in data management, data analysis and data mining in a wide variety of investigations, industries, and litigation matters. Their expert extends to data incident response, privacy regulations enterprise risk management, data needs assessments, systems functionality analysis. Our attorneys recognize that a comprehensive approach to data privacy and cybersecurity is the most effective means to avoid data breach and is the best way to be prepared to respond to a breach if necessary. From data security planning and knowledge of regulations, to appropriate response to data security breaches, we provide effective and cost-efficient legal solutions. Cyber Risk & Privacy Liability Forum * October 8-9, 2014 Sponsors InfoLawGroup concentrates on legal issues concerning privacy, data security, traditional and emerging media, consumer protection matters, information technology, e-commerce and intellectual property. InfoLawGroup attorneys are seasoned practitioners with experience as “BigLaw” lawyers, smaller practitioners with clearly defined expertise and reputation in the field, and former in-house lawyers. These experienced lawyers enable the firm to offer clients greatly increased efficiency in providing legal services. The firm addresses a broad spectrum of legal matters, including transactions and e-commerce, compliance, enforcement, breach notice and incident response and litigation.
© Copyright 2024