|
Market Update
|
Cyber Risks - International
Printable Version
|
We continue to see new and expanded coverages for technology errors and
omissions, media liability, data protection (security and privacy), and intellectual
property. There are a number of risks associated with technology, outsourcing,
and data protection. These include:
Data Breach Reputation Harm
There is a potential large direct loss caused by adverse publicity after an
announcement of a major data breach. On August 5, there was the worldwide
major announcement regarding arrests of a criminal ring allegedly responsible
for a massive credit card fraud case involving U.K. and U.S. retailers.
Numerous surveys and actual breaches show that companies that face adverse
publicity from major data breaches often face a loss of revenue and profits and
an increase in expenses because consumers become fearful about the security of
their credit card information.
Identity theft has been the fastest growing crime in the U.S. for the past
three years, according to the Federal Trade Commission (www.ftc.gov). In
2007, identity theft was once again the number one consumer complaint in
America. At least 8.3 million personal and financial records of consumers were
potentially compromised by data spills or breaches at businesses, universities, and
government agencies in the first quarter of 2008 alone, according to statistics
from the Identity Theft Resource Center.
A Gartner study in February 2008 revealed that nearly half of adults said their concerns about identity theft and data breaches
affected their Online behavior.
When a data breach is followed by adverse media attention, the Data Breach Reputation Harm coverage will reimburse the
named insured for reputation harm, specifically the loss of net profit and additional expenditures incurred during the defined
period of indemnity.
Offshoring Protection
The second major new coverage element addresses nonperformance risks associated with outsourcing and off-shoring.
Critical business functions, such as call centres and financial processing, and information technology functions, such as
network management and programming, are increasingly performed by independent contractors, typically to reduce expenses
and improve efficiency. India is by far the favorite domicile of business process outsourcing work.
Business Process Outsourcing represents a $140 billion market, expected to grow 7 to 10 percent annually during the next
five years. Under outsourcing contracts, the vendor seeks to limit its exposure to liquidated damages, service penalties, and
termination costs through a force majeure clause.
In effect, causes of nonperformance beyond the control of the vendor, such as political or credit risk, are excluded from
financial penalties. What if the vendor is unable to fulfil the contract due to political violence, forced divestiture, licence
cancellation, terrorism, and other causes? In that event, the client would be forced to abandon the contract and seek to
resource that service with another vendor or perhaps bring it back in-house.
In outsourcing, the employees and facilities may have been dispensed and there could be considerable costs in resumption
internally or in finding another appropriate vendor.
Converging Risks and IP
There are expanded wordings available that combine professional liability (media, tech, miscellaneous services, or telecom)
with data protection (security and privacy liability), multi-media, and intellectual property infringement (excluding patent).
The data protection policies have been expanded to include much higher limits for notification costs and crisis management
expenses which are the expensive front end of security breach incidents today.
|
|
|
Please contact your Lockton Representative for further information regarding any information contained in this
market update.
|
|
|
|
|