Travelers Video Library
![Travelers Cyber: Video - Uncover Cyber Risks](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-uncover-cyber-risks-play-button-1.png)
Travelers Cyber Insurance
Travelers Cyber Insurance, also known as CyberRisk Insurance, is a comprehensive solution designed to protect businesses of all sizes from the growing threat of cyber-attacks and data breaches. This insurance coverage offers protection before, during, and after a cyber event, addressing a wide range of potential risks, including forensic investigations, litigation expenses, regulatory defense expenses and fines, crisis management expenses, business interruption, cyber extortion, and betterment. Travelers CyberRisk policies can be customized to fit the specific needs of various industries, from small local businesses to Fortune 500 companies, including financial institutions, nonprofits, and public entities.
In addition to financial protection, Travelers provides CyberRisk policyholders access to valuable pre-breach and post-breach risk management services at no additional cost. These services include access to cyber security experts through the HCL Technologies Cybersecurity Coach helpline, pre-breach services to help organizations achieve a higher level of cybersecurity, and access to the Travelers eRiskHub® powered by NetDiligence®. Policyholders also benefit from worldwide coverage, distinct insuring agreements with flexible limits and retentions, and extended reporting periods. With cyber threats constantly evolving, Travelers Cyber Insurance aims to provide comprehensive protection and support to help businesses prevent, respond to, and recover from cyber incidents.
![Travelers Cyber: Video - Five Cyber Readiness Practices](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-five-cyber-readiness-practices-play-button.png)
Cyber Readiness Practices
Travelers cyber experts have identified five key practices for enhancing cyber readiness in organizations. These practices include implementing Multifactor Authentication to prevent unauthorized access, regularly updating systems to address vulnerabilities, deploying Endpoint Detection and Response (EDR) technology to identify suspicious activity early, developing an Incident Response (IR) plan for coordinated action during attacks, and consistently backing up data in secure, diverse locations.
![Travelers Cyber: Video - Multi-Factor Authentication](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-multi-factor-authentication-play-button.png)
Multi-Factor Authentication
Multi-Factor Authentication (MFA) is a crucial security measure for organizations, employing two or more authentication factors to verify user identity before granting access. These factors can include something you know (like a password), something you have (such as a smart card or authenticator app), or something you are (like a biometric marker). MFA significantly enhances security by adding an extra layer of protection, making it much more difficult for cyber criminals to access business systems.
![Travelers Cyber: Video - Uncover Cyber Risks](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-uncover-cyber-risks-play-button-1.png)
Cyber Risk Coverage
Cyber threats pose significant risks to businesses of all sizes in today’s digital landscape. As cyber criminals become more sophisticated, the frequency and cost of data breaches continue to rise, with average costs reaching millions of dollars. Even simple actions like a stolen laptop or an unwary employee opening a malicious email attachment can lead to devastating consequences, including ransomware attacks, data encryption, and financial losses. Travelers emphasizes the importance of having proper CyberRisk Coverage and working with an insurance company that understands and can help mitigate these evolving threats.
![Travelers Cyber: Video - Inside a Business Email Hack](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-inside-a-business-email-hack-play-button.png)
Business Email Hack
Business email compromise is a significant cybersecurity threat that can cost companies billions of dollars. This social engineering fraud involves hackers gaining access to business email accounts and posing as legitimate employees to trick colleagues into transferring money to fraudulent accounts. Businesses should implement comprehensive security measures, including employee training programs recognizing social engineering tactics like phishing. Additional safeguards such as MFA for email and remote access, dual authorization for financial transactions, and up-to-date social media policies are also crucial.
![Travelers Cyber: Video - What is Cyber Extortion](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-cyber-extortion-play-button.png)
Cyber Extortion
Travelers discusses the emergence of ransomware as a significant cybersecurity threat for small and medium-sized businesses. It explains that ransomware, which was not a major concern just a few years ago, has become one of the most prominent cyber exposures today. The software encrypts data, making it inaccessible to users until they obtain an encryption key. Travelers also mentions that ransomware attackers typically demand payment in Bitcoin, a cryptocurrency that is difficult to trace.
![Travelers Cyber: Video - Cyber Readiness; Prevention Response](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-cyber-readiness-prevention-response-play-button.png)
Cyber Prevention & Response
Travelers emphasizes the distinction between cyber prevention and recovery strategies. For prevention, it stresses the importance of fostering a corporate culture that understands potential threats and promotes good cyber habits throughout the organization. The key is for each individual to comprehend their role in preventing cyber incidents. On the other hand, recovery is presented as a separate challenge that requires thorough preparation. Travelers suggests rehearsing recovery plans by simulating cyberattack scenarios, allowing teams to think through consequences and develop appropriate responses.
![Travelers Cyber: Video - Cybersecurity Response Plan](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-cybersecurity-response-plan-play-button.png)
Cyber Response Plan
Travelers emphasizes the importance of having a cybersecurity response plan in place before a breach occurs. This proactive approach allows organizations to predetermine their response team, including breach coaches and forensics vendors, and establish how they will coordinate their efforts. By doing so, companies can significantly reduce the critical response time within the first 48 hours after discovering an incident.
![Coalition Cyber Insurance: Are Small IT Teams Under Too Much Pressure?](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-cybersecurity-risk-play-button.png)
Cyber Risk
Travelers discusses the nature of cyberattacks and how they target businesses. Rather than focusing on company size, the speaker emphasizes that cyberattacks are more industry-specific and are based on the type of information a company possesses, whether it’s their own data or customer-related information. The vulnerability of a company, as perceived by cybercriminals, also plays a crucial role in determining potential targets.
![Travelers Cyber: Video - Cybersecurity Risks for Business](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-cybersecurity-risks-for-business-play-button.png)
Cybersecurity & IoT
Travelers discusses the growing concern of cybersecurity risks associated with the Internet of Things (IoT). It highlights that many people are just beginning to consider or are not yet aware of the security vulnerabilities of numerous connected devices. These devices, ranging from smart home appliances to wearables and televisions, are all connected to the internet in some way. Travelers emphasizes that these IoT devices can serve as potential entry points into a network and may be used to extract data from executives, employees, customers, and clients.
![Travelers Cyber: Video - How to Insure Cyber Threats](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-how-to-insure-cyber-threats-play-button.png)
How to Insure Cyber Threats
Travelers discusses the importance of cyber coverage for technology companies of all sizes. They emphasize that every tech company handles third-party data, which can lead to significant liability if compromised. The implications of a cyber event are far-reaching, including the need for investigation, data retrieval, customer notifications, potential lawsuits, and reputational damage. The experts stress that small companies are equally vulnerable to cyber threats as larger ones and that protection needs to be tailored to each company’s specific requirements.
![Travelers Cyber: Video - Insurance Carriers and Cybersecurity Education](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-insurance-carriers-and-cybersecurity-education-play-button.png)
Carriers & Cyber Education
Travelers highlights insurance companies’ crucial role in addressing business cybersecurity risks. Insurance providers help organizations of all sizes understand and assess the nature of cyber threats, assist in preparing and valuing the associated risks, and work alongside independent agents and brokers to develop mitigation strategies. Travelers emphasizes that businesses often overestimate their insurance coverage for cyber attacks while underestimating their actual exposure to these risks.
![Travelers Cyber: Video - Misperceptions About Cyber Risk](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-misperceptions-about-cyber-risk-play-button.png)
Small Business Cyber Risk
Travelers highlights two common misconceptions about cyber risk among small businesses. Firstly, many small business owners believe that cyber threats primarily affect large corporations, not realizing they are also vulnerable. Secondly, these businesses often assume they are adequately prepared to handle a cyber breach if one were to occur. However, both of these perceptions are incorrect. Statistics reveal that over 50% of cyber breaches target small businesses, and many are ill-equipped to deal with a significant cyber attack.
![Travelers Cyber: Video - How Organizations Respond to a Cyber Incident](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-responding-to-a-cyber-incident-play-button.png)
Cyber Incident Response
Travelers describes the critical importance of having a well-prepared plan for responding to cyber incidents. It emphasizes that the first 72 hours after a breach is discovered can be extremely disorienting for companies, likening it to a “fog of war” situation. Organizations are advised to develop a comprehensive plan in advance to navigate this challenging period effectively, involving key internal stakeholders from various departments such as Human Resources, Legal, IT, and Communications. The plan should be tested to ensure the organization is comfortable with its implementation.
![Travelers Cyber: Video - Role of a Cyber Security Breach Coach](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-role-of-a-cyber-breach-coach-play-button.png)
Role of a Breach Coach
A cyber breach coach is crucial to an organization’s cybersecurity preparedness and response strategy. Organizations should engage a cyber breach coach before experiencing a cyber event. The coach’s responsibilities include helping the organization identify potential risks to its information systems and data. They also assist in mapping out where data is stored and collected, determining who has access to it, and developing a plan of action in case of a cyber event.
![Travelers Cyber: Video - Steps for Businesses Post Cyber Attack](https://aragonway.com/wp-content/uploads/2024/10/travelers-cyber-video-steps-for-businesses-post-cyber-attack-play-button.png)
Post Cyber Attack
Travelers describes the importance of internal communication and swift action in the event of a cyber attack on a business. It emphasizes that companies should have a system in place to ensure that when an incident occurs, even at lower levels of the organization, the information quickly reaches those responsible for managing such situations. Travelers stresses the critical nature of timely reporting, pointing out that a delay of even a week can be detrimental.
Cyber Insurance: Because Prevention Doesn’t Always Work
Learn More about Travelers Coverage & Pricing
No Spam. Promise!
Travelers
Cybersecurity Factsheet
Travelers Cyber
Prepare, Prevent, Mitigate, Restore
Travelers Institute presents the “Cyber: Prepare, Prevent, Mitigate, Restore” initiative, which aims to educate organizations about cybersecurity threats and best practices. This educational program is designed to empower businesses of all sizes to tackle evolving cyber threats through a series of free cybersecurity symposia.
Threat Landscape: The initiative addresses common cyber threats and vulnerabilities, including:
- Ransomware
- Social engineering
- Hacktivists
- Denial of service attacks
- Threats from employees and vendors
National Symposium Series: The Travelers Institute hosts free cybersecurity symposia for leaders of small and mid-sized businesses and organizations through public-private partnerships.
Expert Insights
The document features quotes from industry experts highlighting various aspects of cybersecurity:
1. Threat Landscape: Tim Francis from Travelers notes increased sophisticated social engineering fraud.
2. Preparation: Bill Detwiler of TechRepublic emphasizes the importance of securing all devices connected to a network, particularly with the rise of the Internet of Things.
3. Prevention: Jason Ritchie from the Federal Reserve Bank of Dallas recommends implementing multifactor authentication for online banking security.
4. Mitigation: Sian Schafle of Lewis Brisbois Bisgaard & Smith LLP stresses the importance of having a breach coach to navigate complex breach situations.
5. Restoration: Brett Leatherman from the FBI highlights the value of early engagement with law enforcement during cybersecurity incidents.
About the Travelers Institute
Travelers established the Travelers Institute to participate in public policy dialogue on matters relevant to the property and casualty insurance sector and the broader financial industry. The institute leverages industry expertise from Travelers’ senior management and risk professionals to provide information and recommendations to policymakers and regulators.
The initiative underscores the critical role of education in cybersecurity mitigation, as emphasized by Alan Schnitzer, Chairman and CEO of Travelers. It aims to raise awareness about evolving cybersecurity risks and provide businesses with the knowledge to protect themselves in an increasingly connected digital landscape.
Travelers
Cybersecurity Guide
Travelers Cyber
Cybersecurity Guide
Travelers Cybersecurity Guide is a comprehensive cybersecurity guide produced by the Travelers Institute, aimed at empowering organizations to tackle evolving cyber threats. The guide is structured around four key phases: Prepare, Prevent, Mitigate, and Restore.
In the Prepare phase, the guide emphasizes the importance of knowing your data, systems, and network. It recommends focusing cybersecurity efforts on critical assets, validating backup strategies, and planning for incident response. The guide stresses the need for organizations to maintain inventories of their systems, software, and network infrastructure.
The Prevent phase focuses on strengthening access controls, promptly patching known vulnerabilities, educating employees about cyber risks, and adopting security-conscious policies and procedures. The guide highlights the least privilege principle and vendor management’s importance in cybersecurity.
For the Mitigate phase, the guide emphasizes early detection of incidents, executing the response plan, getting help when needed, and documenting the response effort. It stresses the importance of having a well-designed incident response plan and the potential need for external resources such as breach coaches or forensics experts.
The Restore phase covers remediating vulnerabilities, restoring lost or damaged systems and data, replacing compromised controls, continuing monitoring, communicating effectively about the incident, and implementing lessons learned. The guide emphasizes the importance of post-incident review to improve future cybersecurity efforts.
Travelers Institute provides practical advice and best practices for organizations of all sizes. It emphasizes that cyber incidents are inevitable but need not be catastrophic if properly managed. The guide discusses legal and regulatory considerations, such as data breach notification requirements.
Travelers encourage continuous improvement in cybersecurity practices and offer additional resources for organizations seeking to enhance their cyber defenses. Overall, this guide serves as a comprehensive roadmap for organizations looking to improve their cybersecurity posture in an increasingly complex threat landscape.
Travelers
Manage Cyber Threats
Travelers Cyber
Cybersecurity for Small & Midsize Businesses
The Travelers Institute launched a national cybersecurity education initiative called “Cyber: Prepare, Prevent, Mitigate, Restore” in Los Angeles on April 27, 2016. This symposium series aims to educate small and midsized organizations on protecting their systems and sensitive data from cyber threats.
Cyber Threats to Small and Midsized Businesses
- Over 60% of cyber attacks in 2015 targeted small and midsized businesses
- Data breaches increased by 23% in 2015
- Smaller companies, often suppliers to critical infrastructures, are more vulnerable to hackers due to limited resources and cybersecurity practices
Current Threat Landscape
- Employees remain a significant weak link in cybersecurity
- Vendors and business partners can be conduits for breaches, especially if they are small or midsized businesses
- Many business owners underestimate their risk of cyber attacks
Recommendations for Businesses
1. Develop and test a cyber response plan
2. Adopt a cyber-safe culture with ongoing employee education
3. Consider cyber insurance coverage
4. Hire breach coaches familiar with cyber trends and state-specific laws
Event Details
The symposium featured experts from various sectors:
- Joan Woodward, President of the Travelers Institute
- Michael Echols, U.S. Department of Homeland Security
- Bill Detwiler, TechRepublic
- Tim Francis, Travelers
- Dianne Ewing, Hoffman Brown Company
- Sian Schafle, Mullen Coughlin LLC
Hoffman Brown Company, the U.S. Small Business Administration Los Angeles District Office, and CNET co-hosted the event.
Resources for Businesses
The document provides several resources for businesses to learn more about cyber risks and develop response plans:
- Travelers website: travelers.com/cyber
- U.S. Department of Homeland Security: us-cert.gov
- NIST Cybersecurity Framework: nist.gov/cyberframework
This initiative by the Travelers Institute highlights the growing importance of cybersecurity education for small and midsized businesses, emphasizing the need for preparation, prevention, mitigation, and restoration strategies in the face of increasing cyber threats.
What is Cyber Insurance
Cyber insurance is a specialized insurance product designed to protect businesses against the financial losses and disruptions that can arise from cyber-related incidents, such as data breaches, ransomware attacks, and other cyber threats. This type of insurance typically covers costs related to data recovery, legal fees, notification of affected parties, regulatory fines, and business interruption losses. Businesses need cyber insurance to mitigate the financial impact of cyber-attacks, ensuring they can quickly recover and continue operations while minimizing the potential damage to their reputation and customer trust.
What does cyber insurance cover?
Cyber insurance typically covers costs related to data breaches, including data recovery, legal fees, notification of affected parties, and regulatory fines. It may also cover business interruption losses and expenses related to restoring business operations.
Why is cyber insurance important for SMBs?
Small businesses, often with potentially weaker security measures, are prime targets for cyber attacks. Cyber insurance is a crucial tool in managing the financial burden of such attacks, ensuring they can recover quickly and sustain minimal operational disruption.
How is the cost of cyber insurance determined?
Factors such as the size of the business, the industry, the amount and type of data handled, and the company’s existing cybersecurity measures influence the cost of cyber insurance. Higher-risk businesses or those with poor security practices may face higher premiums.
What are the exclusions in a cyber insurance policy?
Standard exclusions in cyber insurance policies include claims related to pre-existing breaches, acts of war or terrorism, and the failure to maintain minimum security standards. It’s essential for businesses to review policy details to understand specific exclusions and limitations.