Cyber: Network Security & Privacy Liability

Network and Privacy Exposure

All companies, regardless of industry, face ever-increasing risks associated with the use of electronic systems to operate, process and support their businesses. This includes conducting and recording transactions as well as the collection and use of digital information.  Manufacturers, utilities and energy producers confront complex challenges in protecting their plant control systems from hackers and terrorists bent on disrupting critical infrastructure and/or power generation. State and federal laws hold companies to new and changing standards regarding the use and protection of customer, patient, and employee data. Utilities and other critical service providers must also achieve and maintain compliance with new reliability and service standards. The risk of systems and data breaches requires that organizations thoughtfully and strategically prepare and prevent against newly developing exploits and to be vigilant in managing breach events when they occur. A skillful approach is required since brand and reputation damage often lead to customer churn and lost business in addition to the significant financial impact necessitated after a breach is discovered. 

McGriff Experience

Once these risks have been identified and quantified and the current countermeasures have been vetted, they can be treated with a customized insurance solution. 

McGriff has developed proprietary policy language that provides the breadth of coverage that most companies seek in order to address various first and third party costs. This includes breach response costs, business income loss, digital asset recovery, regulatory investigations, and various legal liabilities including those for content and media offenses.

McGriff Proprietary Cyber Solutions Include:

·  Xcalibur

·  CyberSuite

·  Critical Asset Protection (CAP)

McGriff has entered into an arrangement with NetDiligence and its state of the art "e-risk hub“ to offer pre and post loss service solutions, education, and pre-qualified resources available in the event of a network breach.


McGriff’s cyber resource team will collaborate in the collection, review and analysis of your various operational exposures and/or business interruption risk which may result from an operational, technology, or information security breach. To thoroughly understand and evaluate the impact of all exposures, we employ the following processes:

1. Operations Review – Risk mapping workshop

2. Website Review – this is a summation of media and data exposures as a result of web site content, functionality, data collection, online bill presentment and payment, links and other online uses/features.

3. Contract and Service Agreement Reviews – Assessment of information security risks presented in contracts with both service providers and customers. Guidelines are then prepared for your field operations to effectively define duties to prevent and respond to breaches and systems interruptions and to secure conformance with required coverage/limits.

4. High-level Review of Regulatory Requirements – We can help identify some of the regulatory concerns which may arise from compromised data and systems, but encourage your in-house and outside legal counsel involvement as we do not act as legal advisors.

5. Exposure Analysis Report/Detailed Summary of Exposure – May include a written assessment and summary of some or all of the following: professional services/third parties, information security risks, first party exposures, intellectual property risks.

6. Insurance Program Gap Analysis – Review of all current insurance programs to identify gaps in coverage

7. Solution Building and Program Recommendations – Creating and delivering a bespoke solution to respond to your business’s specific needs and demands