CyberEdge® Risk Appetite Guide
Risk Consulting Services
- Employee eLearning
- Blacklist IP Blocking
- Domain Protection
- Infrastructure Vulnerability Scan
- Legal, Forensic, and Public Relations Risk Consultations
- 24/7/365 CyberEdge Hotline
- Insurance Portfolio Diagnostic
- Cybersecurity Information Portal
- Cyber Defence Review
- Internet Facing System Examination
- Incident Simulation Workshop
- Executive Threat Brief
- Cyber Engineering Study
Preferred Vendor Services
- Dark Net Intelligence
- Cybersecurity Maturity Assessment
- Security Ratings
- Security Awareness Training
- Quantification Workshop and Insurance Portfolio Stress Test
An insured’s computer server was maliciously attacked by a virus that encrypted their data and demanded a $5,000 ransom to un-encrypt.
- The insured reported the matter to the FBI and local authorities.
- The insured did not pay the ransom on the advice of the FBI.
- AIG worked with the insured to engage an expert to perform a forensic analysis of their system.
- The forensic expert was able to determine that the impacted server did not contain any confidential information but rather the company’s warehouse inventory information.
- The forensic expert was able to remove the virus and strengthen the insured’s data security protections.
- AIG reimbursed the insured more than $45,000 for forensic costs incurred.
Hackers accessed the insured’s system through a targeted spear-phishing attack. The hackers placed ransomware on the system that encrypted all the data on the insured’s system. Seven servers and hundreds of PCs were affected. The hackers demanded 12 Bitcoin for the encryption keys.
- The insured engaged with AIG’s cyber claims specialists to coordinate the retention of breach privacy counsel and a forensics firm to respond.
- AIG and breach counsel coordinated efforts with law enforcement.
- The insured and forensics firm were unable to unencrypt the data.
- After consulting with AIG and law enforcement, the insured decided to pay the ransom.
- AIG facilitated the retention of vendors to procure the Bitcoin for payment of the ransom.
- Once paid, the insured received the necessary encryption keys.
- The system was brought back online over the course of several days.
- The insured’s business system was offline for 2.5 business days.
- AIG reimbursed the insured $4,500 for the ransom, $2,500 in Bitcoin procurement, $950,000 in forensic investigation/remediation, $65,000 in legal costs, and $32,000 in public relations costs.
- In addition, AIG reimbursed the insured $1.1 million for its lost income and $850,000 for additional expenses associated with the outage.
An insured hospital was notified of a potential breach involving protected health information (PHI) of over 40,000 patients.
- AIG quickly engaged with the insured to retain breach counsel and a forensic investigator.
- Based on the ensuing investigation, AIG coordinated with the insured and breach counsel on the selection and retention of vendors to handle the required notification to regulators and patients.
- Offered patients access to identify monitoring protection, and established a call centre to handle inquiries and registration for the identity monitoring protection.
- AIG reimbursed the insured $450,000 for Credit Monitoring and ID Theft Insurance, $175,000 in notification and call centre costs, $25,000 in forensic costs, and $90,000 in legal costs.
- The policy also covered $500,000 in regulatory fines assessed on the insured.
- More than 20 million people and 22,000 companies have trusted us to respond to some of the world’s biggest data breaches
- Eligible insureds* receive complimentary risk consulting services to proactively help understand their specific areas of vulnerability and what actions should be taken to help prevent a cyber attack from taking place
- Additional risk consulting tools and services are also available on a paid basis from AIG’s cyber risk consultants, with 20+ years of experience, and our panel of expert preferred vendors
- Clients benefit from 24/7/365 access to the CyberEdge Claims Hotline at 1-800-CYBR-345 (1-800-292-7345). Our experienced claims team across the globe can help clients notify and support the recovery of affected customers, handle crisis communications, and determine exactly what happened
- Clients can stay up to speed on the latest cyber risks and how to help mitigate and respond to them with the CyberEdge mobile app for iPhone, iPad, and Android
- CyberEdge is backed by AIG’s multinational expertise. Confronted with expanding regulatory regimes and increasingly interconnected economies, global businesses consistently turn to our renowned product range and geographical reach to meet their insurance needs. We have local market expertise and on-the-ground resources that span an expansive network of over 200 countries and jurisdictions.