Despite a company's best efforts to protect its employees’ and customers’ personally identifiable information, this data can be compromised, leaving the company potentially liable for failure to protect that private data.

Even if a data breach is not confirmed but only suspected, the company could be subject to federal and state privacy and notification laws. In response, we offer tools and services to help mitigate this risk and loss on a pre- and post-breach basis; support that could be invaluable at the time of loss.

  • Information risk liability – includes coverage for corporate and personal confidential and proprietary information of others in your care, custody and control, and coverage for acts of a rogue employee without corporate officer knowledge.
  • Privacy administrative proceeding – includes defense expenses and privacy administrative or regulatory fines and consumer redress liability.
First-party coverages for cyber-related events:
  • Breach consultation services – pre-breach response consultation services. In the event of a data breach, these consultative services will be provided by our designated vendor, tailored to your specific circumstances.
  • Incident management services – Specialized response services that can include:
    • Data breach expense – helps you manage a breach with expense such as attorney fees for notification compliance and the costs of a public relations firm that may assist you in mitigating any material damage to your reputation.
    • Information risk expense – our designated service provider will assist with credit monitoring and call-center services, when recommended, in the event of a data breach.
    • Notification expense – costs for printing and mailing notifications to those affected by a data breach. Our designated vendor will work with you directly to help craft notification letters and to manage the overall process.
  • Information restoration expense – reasonable expenses to replace or recreate data.
  • Hardware replacement expense – reasonable costs for replacement of computer hardware due to seizure or destruction by civil authority after an information risk incident.
  • Extortion payments and rewards – provides payment for a ransom demand for the taking of money or other property information risk incident.
  • Forensic expense – reasonable expenses for forensic analysis of an information risk incident.
Appetite

Current OneBeacon policyholders or prospects may be eligible and should consult with their independent agent or broker for details.

Whitepaper

Information Risks & Risk Management

Check out this whitepaper written by John Wurzler and published on the SANS Institute InfoSec Reading Room! The paper covers the various exposures that companies now face as they increasingly rely on twenty-first century technology.

Whitepaper

Encryption/Cryptography

The need for secrets and privacy is ever-present in today’s digital environment. To facilitate these protections, a wide variety of encryption and cryptographic systems are in use.

Whitepaper

Data Privacy

Personally Identifiable Information (PII) is so prevalent in our everyday lives that it is difficult not to somehow expose this information to the scrutiny of companies, organizations, or other individuals. Whether it’s making a cell phone call, logging on to the internet, using an ATM or even throwing an old credit card bill into the garbage, there are a myriad of ways in which data can be exposed.