1. Home
  2. Industries
  3. Technology
  4. Cybersecurity and privacy

Cybersecurity and privacy

Cybersecurity is on the mind of every business executive, whether the company is large, mid-sized or small. Data and intellectual property, as well as business processes supported by IT, may be your business’s most valuable assets. Protecting those assets from a cyberthreat requires a seamless integration of cybersecurity strategy and risk transfer. Zurich’s cyber specialists are ready to deliver industry-leading solutions that help address your cyber risk management needs. We are committed to helping you safeguard your company’s information assets.

Why Zurich?

Zurich has been providing comprehensive insurance solutions around the globe for more than 140 years. Zurich insures more than 90% of Fortune 500 companies and provides comprehensive solutions and insights for 25 industries. We also continue to maintain strong financial ratings.

In addition to knowledgeable cybersecurity and privacy professionals, Zurich’s Risk Engineering team is dedicated to cyber-related issues and produces predictive analytics in collaboration with our Claims team and underwriters. When Zurich professionals apply these insights to your company, the wide range of cyber risk and privacy issues can be implemented.

Through our strategic relationships, qualified Zurich customers have access to breach coaching and employee training programs. These services can help build awareness to ensure compliance with local regulations.

cyber security

Cybersecurity and privacy solutions

Zurich Cyber Insurance Policy

Zurich’s Cyber Insurance Policy offers a convenient, unified solution with coverages and features that can be customized to meet the specialized needs of mid-sized and large corporate customers. The program brings together features often attached to other commercial policies as individual endorsements with coverage limits up to $25 million.

Key coverages

Liability coverages include:

  • Security and Privacy Liability
  • Regulatory proceedings defense costs
  • Civil fines and penalties associated with Payment Card Industry (PCI) and General Data Protection Regulation (GDPR)
  • Media liability coverage

Non-liability coverages include:

  • Privacy breach costs, including:
    • Forensic investigation expenses
    • Legal and public relations expenses
    • Credit and identity monitoring costs
    • Identity restoration and identity theft insurance costs
    • Call center costs
  • Business income loss, dependent business income loss (i.e., loss insured incurs due to a vendor’s network security event) and extra expense
  • Digital asset replacement expenses
  • Cyber extortion threats and reward payments
  • System failures and dependent system failures
  • Reputational damages
  • Social Engineering Funds Transfer Fraud
  • Claims Avoidance coverage

Cyber Risk Engineering services

Zurich’s team of skilled Cyber Risk Engineers offers insights and guidance for customers seeking to better understand, manage and mitigate their cyber risk. Our team has a wide range of security experience as both practitioners and consultants in such industries as retail/wholesale, banking, insurance, professional services and the military. Our recommendations can be used by your information security team to help make your company’s computing environment and business more secure and resilient against cyberattacks.

Effective and robust cybersecurity requires an information security management system (ISMS) built on three pillars: people, process and technology.

People
A sampling of our people services includes:

  • Board of directors and C-suite education
  • User awareness training addressing the following:
    • Phishing
    • Social engineering
    • Password standards and management
    • Business email compromise
  • Security team training
  • Hiring practice security guidelines
  • Access management
    • Users
    • Vendors
    • Privileged users
    • Remote users

Process
We can assist in the development of processes, including:

  • Cybersecurity strategy
  • Capability roadmap
  • Policies and procedures
    • Acceptable use
    • Asset management
      • Vulnerability management
      • Patch management
    •  Risk assessment
    • Vendor management
    •  Incident response
    • Disaster recovery
  • Management metrics for cybersecurity

Technology
Some of our recommendations may involve specialized technology solutions available through established referral arrangements with leading security vendors and consultants. These firms can provide products and services to Zurich customers at a reduced cost.

Cyber Risk Engineering team

Gerry Kane
Vice President, Cyber Risk Engineering
The Zurich Services Corporation
Mobile: 224-412-2626
Email: gerry.kane@zurichna.com

Nikki Ingram, CISSP
Cyber Risk Engineering Consultant
The Zurich Services Corporation
Mobile: 214-725-1755
Email: nikki.ingram@zurichna.com

Kevin T. Shin, CISSP, PMP
Cyber Risk Engineering Consultant
The Zurich Services Corporation
Mobile: 847-257-2182
Email: kevin.shin@zurichna.com

Cyber vendor resources

Cyber vendor resources

Following a breach, obtaining a technical and legal provider with the appropriate experience is important. Zurich offers its qualified customers a complimentary half-hour consultation with an experienced cyber-breach coach.

Zurich can help Zurich-qualified customers access privacy attorneys,* who can help them assess whether a computer forensics investigation is needed, or whether breach notifications are required. In addition, here is a list of preferred third-party providers* that can provide a variety of data security and privacy services:

Data Breach Coaches:

Mullen Coughlin (U.S.)

Clark Hill (U.S.)

Traub Lieberman (U.S.)

Goldberg Segalla (U.S.)

Norton Rose (U.S.)

Baker & Hostetler (U.S.)

Locke Lord (U.S.)

David Wright Tremaine (U.S.)

Dolden Wallace Folick (Canada)

Data Breach Response Services:

Fidelis Cybersecurity (U.S.) Available services include forensic investigation

ID Experts (U.S. and Canada) Available services include forensic Investigation, notification and call center, credit/identity monitoring/fraud remediation and public relations

CyberScout(Formerly Identity Theft 911) (U.S.) Available services include notification and call center, and credit/identity monitoring/fraud remediation

NPC- Immersion Data Breach Response (U.S. and Canada) Available services include notification and call center

Intelligent Business Concepts (IBC), Inc. (U.S.) Available services include notification and call center, and credit/identity monitoring/fraud remediation

Kroll, Inc. (U.S. and Canada) Available services include forensic investigation, notification and call center, and credit/identity monitoring/fraud remediation

Experian Data Breach Resolution (U.S. and Canada) Available services include breach notification, incident hot line for victims, and identity protection, including credit monitoring

FleishmanHillard (U.S.) Available services include public relations/communications and crisis management

Hill + Knowlton Strategies (U.S.) Available services include public relations/communications and crisis management

Padilla CRT (U.S.) Available services include public relations/communications and crisis management

Marsh Risk Consulting’s FACS (U.S.) Available services include forensic accounting

MDD (U.S.) Available services include forensic accounting

Meaden & Moore (U.S.) Available services include forensic accounting

 

Additional resources:

eRisk Hub®

eRisk Hub can be a valuable resource in preparing for a data breach. From prevention tips to response recommendations, eRisk Hub® can assist with a wide variety of cyber situations. Zurich's eRisk Hub® is available to all Zurich North America Security and Privacy customers.


*The privacy attorneys and other third party service providers are not subsidiaries or affiliates of Zurich and use of their products and services are independent of, and not included within, any Zurich products or services. Zurich expressly disclaims any and all damages and other costs that may arise related to the use of or reliance upon the products, services, representations or warranties made by or on behalf of the third party service providers.


Knowledge Hub resource


Questions? We have answers.

Read our Risk Insights newsletter