What to Do in the Event of a Breach
Immediately report breaches, suspected breaches, or claim notices directly to the carrier:
ACE Professional Risk
P. O. Box 5105
Scranton, PA 18505-0518
Call the Cyber Incident Response Coach Hotline: 1 (800) 817-2665
Timely reporting plays a critical role in any claim. Furthermore, late-reported claims may be excluded from coverage. It is critical that you report the claim as soon as you believe a breach event has occurred, or even if you have suspicion of a breach event. Do not wait for confirmation of a breach before reporting a claim.
In the event of a loss or breach, provide the claims department with the following:
- Description of the breach or suspicion of the breach (including a description of how, when, and where the breach occurred)
- Notify the adjuster if a law may have been broken
- Cooperate with the carrier in the investigation
All supplemental claim information and general claim correspondence must be sent to:
AJGRMS Claims Department
Phone: (415) 546-9300
Fax: (415) 536-4036
Cyber Liability Insurance provides coverage for financial loss related to:
- Network intrusions/hacks/malware viruses
- Lost/missing/stolen electronic assets
- Phishing/spear phishing attacks
- Mishaps due to broken business practices
- Rogue employees
- Unauthorized access through improper disposal of data
ICRMA’s Cyber Liability program offers $3,000,000 limits per member and includes:
- ACE Privacy and Network Liability Coverage Grants, including Privacy Liability, Network Security Liability, Internet Media Liability, Network Extortion, Digital Asset Coverage, Business Interruption, and Data Breach Fund.
- ACE Data Breach Coach, an independent law firm specializing in data breach events, to assist the city in determining if it has had a network security breach incident, and/or if Personal Identifiable Information (PII) has been lost or stolen. The ACE Data Coach will then work with the city to determine the appropriate response to the event, drawing from the resources provided by the ACE Data Breach Team. Expenditure of the deductible is not required to obtain advice free of charge.
- ACE Data Breach Team, a panel of 17 industry-leading third party vendors specializing in digital forensics, medical ID fraud monitoring, customer notification, public relations, fraud consultation, credit monitoring and payment card industry investigations.
Cyber Liability Resources
ICRMA’s Cyber Liability carrier, ACE, has a host of services and resources available on its website, including sample policies (Risk Manager Tools), articles on various Cyber risks (Learning Center) portion, and News & Blogs. You can also connect with various 3rd party resources at discounted rates already negotiated by Chubb. We encourage members to explore the tools and resources, including the following:
- Antivirus and Malware Policy
- Computer Network Security Policy Template
- Incident Response Plan Policy
- Information Security Policy
- Mobile Computing Policy
- Personal Device Use (BYOD) Policy
- Physical Security Policy
- Posting and Removal of Online Content
- Sample Information Security Policy Template
- Security Awareness Training and Education Policy
- Security Policy 101 – Essential Policies for Business
- Sensitive Information Handling
- Social Networking Acceptable Use
While most items do not require a password, some may require confirmation of ICRMA membership. To register please go to www.acecyberrisk.com and click the green “register” button to the right of the page.
Fill out the registration form using Access Code 08002.
Once you submit your credentials will enable you to login.
Chubb additionally provides two FREE services:
- Password Defense
- Available to Chubb’s cyber policyholders
- Helps improve cyber security by making it easier for employees to create stronger passwords
- Generates strong passwords for websites, stores them in a secure vault, and synchronizes them across multiple devices
- Includes auto login to websites, password benchmarking, and notifications
- To sign up, visit https://go.dashlane.com/chubboffer
- Online Cyber Security Education
- Available to Chubb’s cyber policyholders’ employees
- Online training can be quickly and easily deployed to educate employees
- Includes two courses: Security Awareness Basics and Security Awareness for Information Technology
- Enables managers to view employee results and course completion statistics
- To access, visit http://www.learncyber.com/chubboffer/
The above sites will ask for members to provide their contact information and the Policy Number.
RSM (rsmus.com) is the preferred vendor for Chubb, ICRMA’s Cyber carrier, for various compliance assessments. RSM offers discounted rates for Chubb clients. Pricing for RSM’s suite of Security and Privacy Due Diligence Services can be viewed here.