Beazley Documents

Beazley Cyber
Cyber Resilience

Beazley Cyber: Improving Cyber Resilience

Beazley Cyber Insurance
Improving Cyber Resilience

Beazley outlines their comprehensive cyber resilience offerings for their US clients with Beazley Breach Response (BBR), InfoSec, and MediaTech policies. The program aims to help businesses improve their cyber defenses against the increasing threat of cyberattacks, addressing the growing complexity and high costs associated with cyber claims.

Beazley highlights that the average cost of a data breach caused by phishing is $4.9 million, and 82% of cyber incidents are caused by human error. Beazley has expanded its risk management services to cater to clients at various stages of their cybersecurity journey to combat these issues.

Key Features of Beazley’s Cyber Resilience Offerings:

1. Free Offerings: All eligible clients receive access to:

Risk management portal
Employee training
Vendor discounts
Risk management webinars
Onboarding video
Secure incident response preparation room

2. Tiered Services: Based on premium levels (30K+, 50K+, and 100K+), clients can access additional services:

Onboarding call with Cyber Services (for clients with $35M+ annual revenue)
Incident Response Plan (IRP) review
One risk management offering per policy year

3. Risk Management Options: Clients can choose from various offerings based on their premium level, including:

Microsoft 365 cybersecurity assessment
Ransomware and BEC best practices workshop
IT rationalization assessment
Crisis communications workshop
Phishing-resistant MFA keys
Simulated phishing campaigns
Board of Directors presentation on data security
Incident response workshop with tabletop exercise
Business continuity planning workshop
Ransomware readiness assessment
C-suite/Board training on cyber resiliency

Beazley provides a detailed breakdown of these offerings, including typical costs and the number of users or duration of services included. It emphasizes that these benefits are available at no additional cost to eligible clients.

Beazley’s cyber resilience program offers a comprehensive suite of services designed to help businesses of various sizes improve their cybersecurity posture, reduce risks, and better prepare for potential cyber incidents. The tiered approach allows clients to access increasingly sophisticated tools and training as their premium levels increase, providing a scalable solution for evolving cybersecurity needs.

Close

View Document

Beazley Cyber
Coverage for Risks <$35M

Beazley Cyber: Coverage for Less then $35 Million

View Summary

Beazley Cyber
Cyber Coverage for Risks Under $35 Million

Beazley outlines its cyber coverage offering for risks under $35 million in revenue. The company’s flagship product, Beazley Breach Response (BBR), provides comprehensive cyber insurance coverage with several key features:

Coverage Highlights

Multiple towers of coverage ensure breach response costs don’t erode third-party limits
Comprehensive breach response, first party, liability, and eCrime coverage
Lower breach response retentions than the policy retention
Dependent business interruption coverage is not limited to IT vendors

Innovative Quoting Process

Beazley has partnered with Cytora to digitize their email submission channel, automating the underwriting process for quicker response times.

Claims Expertise and Services

In-house Cyber Services team with IT and legal professionals
Access to a panel of incident response experts
Pre-agreed rates with vendors to save on response costs
Dedicated claims manager as a single point of contact
Interim claims payments when possible

Risk Management and Pre/Post-Breach Services

Access to risk management tools and resources
Pre-breach and post-breach services available through Lodestone Security
Discounts on security vendor services for policyholders

Underwriting Appetite

Beazley focuses on risks under $35 million in revenue, with preferred classes including auto dealers, educational organizations, banking services, and various other sectors. They do not have an appetite for data aggregators, MSSPs, and MSPs.

Underwriting Requirements

For faster service, submissions should include:

Completed Beazley applications
NAICS Code/Industry sector
Currently valued loss runs
Confirmation of key security measures (e.g., MFA, anti-virus software, regular backups)

Path to Insurability

Beazley outlines minimum, additional, and optimal security controls that clients should implement to improve their chances of obtaining cyber coverage. These include endpoint protection, MFA for remote access, security awareness programs, and various network security measures.

Accessibility

Beazley’s cyber coverage is accessible through myBeazley, mShift, and email submissions.

This comprehensive cyber insurance offering combines market-leading coverage with risk management services, claims expertise, and a focus on helping clients improve their cybersecurity posture.

Close

View Document

Beazley Cyber
Catastrophic Cyber Risk

View Summary

Beazley Cyber
Addressing Catastrophic Cyber Risk

Beazley outlines its approach to addressing catastrophic cyber risks in their insurance policies. The company has introduced three new endorsements to manage exposure while maintaining coverage for systemic events:

1. War and Cyber War Exclusion: This replaces the previous war and civil war exclusion, providing clearer definitions of war and cyber war. It excludes threats from computer systems used in modern state conflicts but includes a carve-back for insureds who are victims of cyber-attacks but not physically located in the impacted state.

2. First Party Loss Amendatory Exclusion (Infrastructure): This updates the infrastructure exclusion to address utilities and infrastructure outside the scope of coverage. It defines digital and internet infrastructure and financial market infrastructure that are excluded from coverage.

3. Catastrophic Cyber Event Endorsement: This addresses two high-threshold scenarios: extended outages of major cloud service providers exceeding 72 hours and contagion malware in computer operating systems causing major detrimental impacts to a state’s essential services. For covered first-party losses, a 50% sub-limit of liability applies to stand-alone cyber insureds with revenues under 100M (USD/EUR/GBP).

Beazley specifies which policies are affected by these changes, including primary cyber and MediaTech (E&O) policies. The catastrophic event sublimit endorsement only applies to primary cyber policies for accounts below 100M in revenues.

Key points Beazley addresses:

Compliance with Lloyd’s requirements
Attribution to state actors in the war exclusion
Scope of coverage for Internet service providers (ISPs) and cloud service providers
Definitions of “major detrimental impact” and “essential services”
Distinction between operating systems and applications for the contagion malware event sublimit
Application of the 50% sublimit for cloud service provider outages

Beazley emphasizes that these changes are designed to provide clarity for clients and brokers while managing catastrophic cyber risks. It also notes that “major detrimental impact” thresholds are higher than those seen in significant past cyber incidents like WannaCry or SolarWinds.

This document is a comprehensive guide for understanding Beazley’s updated approach to catastrophic cyber risks in their insurance policies, providing detailed explanations of new exclusions, endorsements, and applications.

Close

View Document

Beazley Cyber
Cyber & Technology Risk 2024

View Summary

Beazley Cyber Insurance
Cyber & Technology Risk 2024

Beazley discusses findings from Beazley’s 2024 Risk & Resilience research on the evolving landscape of global cyber and technology risks organizations face.

Key points include:

1. Generative AI is seen as both an opportunity and a threat, with 27% of businesses concerned about tech obsolescence risk and 25% viewing disruptive technologies as their top risk in 2024.

2. There’s a concerning decline in executives ranking cyber risk as their top concern, dropping from 34% in 2021 to 26% in 2024, despite the increasing sophistication and cost of cyber attacks.

3. Cybercrime is projected to cost companies worldwide $10.5 trillion annually by 2025, up from $3 trillion in 2015.

4. The healthcare sector is particularly vulnerable to cyber attacks due to valuable patient data, outdated technology, and limited cybersecurity budgets.

5. The cyber “kill chain” has become more sophisticated, with hackers specializing in different stages of attacks and using legitimate programs to avoid detection.

6. Cyber criminals are weaponizing AI for deepfake attacks and enhanced phishing schemes, making it harder for employees to verify authenticity.

7. To counter evolving threats, Businesses need to adopt “always-on” security strategies, including managed detection and response (MDR) techniques.

8. The document emphasizes the importance of thorough due diligence on third-party vendors, as supply chains have become a focus for cybercriminals.

9. 24% of surveyed business leaders plan to invest in cybersecurity measures in the coming year.

10. The insurance industry plays a crucial role in helping firms navigate the evolving cyber and tech risk landscape by providing actionable guidance and enhanced resilience strategies.

Beazley underscores the need for businesses to remain vigilant, adapt quickly to new threats, and implement comprehensive cyber defense strategies to protect against increasingly sophisticated cyber attacks in a rapidly changing technological environment.

Close

View Document

Beazley Cyber
Breach Response

View Summary

Beazley Cyber
Breach Response

Beazley Breach Response (BBR) is a comprehensive cyber protection insurance solution designed for businesses operating in an increasingly dangerous digital world. The document highlights the growing risks of cyber breaches, emphasizing that it’s not a matter of “if” but “when” a breach will occur.

Key statistics presented underscore the severity of cyber threats:

917 million personal records breached in the US since 2005
75% of breaches attributable to malware or hacking
50 billion devices expected to be connected to the internet by 2020
66% of malware attacks are installed via malicious email attachments
200,000 computer systems impacted by the WannaCry malware
IoT devices can be compromised in just 2 minutes

BBR offers a 360° approach to cyber risk management, providing insurance coverage and breach response services. The policy includes:

Breach Response

Legal and computer forensic services
Notification services for up to 5 million affected individuals
Call center services
Credit monitoring and identity protection
Public relations and crisis management

First-Party Coverage

Business interruption from security breaches and system failures
Cyber extortion loss
Data recovery costs

Third-Party Coverage

Information security and privacy coverage up to $15 million
Media liability
Regulatory defense and penalties
Payment card liability and costs

eCrime Coverage

Fraudulent instruction
Funds transfer
Telephone fraud

A unique feature of BBR is the dedicated in-house team, BBR Services, which assists policyholders throughout the incident investigation and breach response process. This team coordinates with forensics experts and specialized lawyers to manage the breach effectively and minimize potential damage.

The policy also emphasizes pre-breach and risk management services. Through the beazleybreachsolutions.com portal, policyholders can access resources for incident response planning, employee training, compliance, and security best practices. Additionally, Beazley has established Lodestone, a subsidiary offering cybersecurity services to enhance clients’ cyber defenses.

BBR’s comprehensive approach sets it apart from other cyber insurance solutions. It provides multiple coverage limits, ensuring that breach response costs do not erode third-party limits. The policy is designed to be streamlined and comprehensive, covering organizations seamlessly in the event of a cyber breach.

Beazley Breach Response offers a holistic solution to cyber risks, combining insurance coverage, expert breach response services, and proactive risk management tools to help businesses navigate cyber threats’ complex and evolving landscape.

Close

View Document

Beazley Cyber
InfoSec

View Summary

Beazley Cyber
InfoSec

Beazley InfoSec is a comprehensive cyber protection policy designed to address the evolving landscape of cyber threats businesses face today. The policy recognizes that cyber breaches are inevitable for companies handling customer data, shifting the focus from “if” to “when” a breach will occur.

Key Features

Coverage

Beazley InfoSec offers a wide range of coverage, including:

Breach response costs (legal services, forensics, notification, call center, credit monitoring, and crisis management)
First-party coverage (business interruption, cyber extortion, data recovery)
Third-party coverage (information security and privacy, media liability, regulatory defense)
eCrime coverage (fraudulent instruction, funds transfer, telephone fraud)
Criminal reward

Pre-breach and Risk Management

The policy provides access to:

Beazley Breach Response (BBR) Services: Offers resources for incident response planning, employee training, and security best practices
Lodestone Security LLC: Provides strategic and tactical cybersecurity services at negotiated rates

Comprehensive Protection

Beazley InfoSec is designed to protect businesses against a broad range of cyber threats, including:

Zero-day malware
Ransomware
Spyware
Scareware
Unintended disclosure
Human error risks

The policy addresses cyber risks such as business interruption, cyber extortion, loss of critical operational data, and electronic crime.

Claims Expertise

Beazley’s claims team has extensive experience defending clients against privacy class actions and regulatory investigations arising from cyber breaches.

Availability

Beazley InfoSec is available on an admitted basis in some US jurisdictions through Beazley Insurance Company, Inc., and on a surplus lines basis through licensed surplus lines brokers underwritten by Beazley syndicates at Lloyd’s.

Beazley InfoSec offers a holistic approach to cyber protection, combining comprehensive coverage with pre-breach services and risk management tools. This policy is designed to help businesses navigate the complex and dangerous world of cyber risks, providing support before, during, and after a cyber incident.

Close

View Document

Beazley Cyber
Cyber & Tech Risk

Beazley Cyber: Spotlight on Cyber and Tech 2023

View Summary

Beazley Cyber
Cyber Technology Risk 2024

Beazley discusses findings from Beazley’s 2024 Risk & Resilience research on the evolving landscape of global cyber and technology risks organizations face.

Key points include: