Educa&onal
Event
Spring
2015
What Are Today’s Biggest Cyber Risks and
How Can Cyber Insurance Help
Judy Selby – BakerHostetler
Sco4 Ernst – Wells Fargo Insurance Services USA
Amie Taal – Deutsche Bank AG
Jennifer Rothstein – Kroll
I co-‐chair BakerHostetler’s InformaIon Governance Team, founded the eDiscovery & Technology Management Team and counsel clients on ways to avoid informaIon-‐related liability. I handle cuOng edge privacy, data breach, informaIon governance, cyber insurance and insurance coverage ma4ers.
I frequently speak and write about informaIon-‐related strategies and best pracIces. I have successfully completed a course on Tackling the Challenges of Big Data with MIT and co-‐chair the Claims and LiIgaIon Management Alliance (CLM) Cyber Liability Commi4ee. I am a member of the ABA Big Data Commi4ee and the Sedona Conference Data Security and Privacy Liability Working Group 11.
I also have over 20 years of experience in large scale first-‐ and third-‐party complex insurance coverage ma4ers. I am a member of the Law360 Insurance Editorial Advisory Board, the Editorial Advisory Board of Law
Technology News, the Professional Liability Underwriters AssociaIon, and the Defense Research InsItute and was selected to be a contributor to InsuranceThoughtLeadership.com.
I also was honored as LawCrossing's Law Job Star in July 2014, featured in Law Technology News as a leading woman in technology, and was recently quoted in Reuters with regard to data breach class acIons against Target.
Email: jselby@bakerlaw.com Twi4er: @judy_selby
Amie is a remarkably talented and highly driven professional offering over 30 years of experience
working with computers and over twenty-‐four years' experience as a digital forensic invesIgator
and IT Security Specialist dealing with civil and criminal ma4er within the public and private
sector including the Big 4 and other accounIng firms.
Ms. Taal has an excellent track record in building and growing digital forensic, IT Security and
eDiscovery pracIces. Amie has been a key invesIgator on high profile cases involving the
Metropolitan Police, City of London Police and the Serious Fraud Office, with the value of the
alleged frauds exceeding £2 million. She has led number of high profile cases and spent several
years working in and with various government prosecuIng authoriIes in the UK and overseas.
Ms. Taal’s responsibiliIes have included providing internal and external training on legal pracIce
and procedures, data protect rules and regulaIons and evidence handling. Amie has several
professional and academic qualificaIon in the field of Digital Forensic, InformaIon Security,
Forensic Science and Data AnalyIcs.
Email: amie33_uk@yahoo.co.uk
Sco6 Ernst
Sco4 Ernst is a Vice President with Wells Fargo Insurance Services. With 127 offices in 36
states it serves a wide range of consumers, high-‐net-‐worth individuals, small businesses,
middle-‐market, and large-‐corporate customers. Wells Fargo Insurance writes or places $15
billion of risk premiums annually in property, casualty, benefits, internaIonal, personal lines,
crop, and life products.
Sco4’s specializaIon includes technology errors & omissions liability, technology products
liability, new media liability, data and systems failure, technology-‐related business
interrupIon risks, intellectual property exposures, and the escalaIng liability and exposures
related to data security and privacy.
Sco4 is a frequent speaker on tech and professional liability insurance topics at seminars
sponsored by the Professional Liability UnderwriIng Society (PLUS), the New York State Bar
AssociaIon, the New Jersey State Bar AssociaIon, and the New Jersey Insurance Coverage
InsItute. Mr. Ernst is a past Chairman of Professional Liability UnderwriIng Society’ Eastern
Region Chapter.
Jennifer Rothstein is a director with Kroll’s Cyber Security pracIce. She joins Kroll aoer a disInguished career in professional liability program management, e-‐discovery product development and intellectual property
ownership rights management. At Kroll, Jennifer will maintain and broaden the strategic partnerships
established with insurance companies, brokers and insureds. She will lead cross-‐funcIonal acIvity to facilitate new business opportuniIes and targeted product development as it relates to cyber liability.
Previously, Jennifer directed the development and growth of professional lines programs for business
segments including lawyers, broker dealers, accountants, real estate agents and architects & engineers. She also was co-‐creator of the insurance market’s first e-‐Discovery services endorsement for over 10 lines of
business for a major internaIonal carrier. She co-‐developed an exclusive patent liability defense program with a naIonal broker for the tech sector’s top industry leaders. Jennifer began her career in the insurance industry at AIG. In that role, she facilitated the underwriIng of electronic and intangible risks into corporate insurance policies. Her role also included the enforcement of the LiIgaIon Management Guidelines and the review and approval of panel counsel invoices.
Phone: (212) 833-‐3456 Email: jrothstein@kroll.com
•
Data Explosion
•
90% of data created within last 2 years
•
50X growth by 2020
•
Rise of Mobility
•
6 Billion mobile subscribers
•
Social is Business
•
Consumers driving experience
•
SophisIcated Consumers
•
DifferenIated Experiences
•
Internet of Things
•
9 Billion Internet Devices in 2012
•
50 Billion by 2020
•
How important is Data ProtecIon/
Privacy to a Company?
•
How important is it for RM officers to
have business knowledge?
Evolving Role of Records Management
(RM) Personnel in the Age of ESI
Causes of Security Incidents
Source: Ponemon Institute
2013 Cost of Data Breach
Study – United States
•
Disclosure
– Hacking
– Malware
– Phishing
•
Negligence
– Lost laptops
– Disposal of IT assets
– Paper
– Snooping
– Disgruntled
/Malicious
employees
– Social Engineering
How Do Security Incidents Arise?
•
Misuse
– Violations of law or
regulations
– Violation of privacy policy
or disclosure
– Violation of consent
– Improper collection of
Privacy Rights Clearinghouse:
www.privacyrights.org
•
Since 2005
–
1,012,730,026 records breached (as of 2/7/15)
–
4,487 data breaches made public
•
Tracks the following reported incidents:
–
Unintended disclosure
–
Hacking or malware
–
Payment card fraud
–
Insider
–
Physical loss
–
Portable device
–
StaIonary device
–
Unknown
Security Incidents
Consumer Cybercrime Across the
Globe
(2013 Norton Cybercrime Report)