Cyber Decoder - Issue 48

15 July 2019

Cyber Decoder Issue 48 Welcome to the next edition of our cyber newsletter in which we keep you posted on recent cyber developments in news and review the latest trends, high profile attacks and lessons learnt from this evolving threat landscape.


Canada joins global trend for tougher privacy rulesCanada Joins Global Trend for Tougher Privacy Rules
Canada is set to introduce tougher data privacy rules, joining a growing list of countries giving new rights to consumers and holding companies to account. n May, Canada’s federal government launched its Digital Charter; 10 broad principles intended to guide future legislative changes, including plans to modernise the country’s Personal Information Protection and Electronic Documents Act (PIPEDA) and the Privacy Act.

Model Cyber Exclusions Provide Basis for Industry Specific CoveragesModel Cyber Exclusions Provide Basis for Industry-Specific Coverages
London's company market trade body, the International Underwriting Association (IUA), has published model cyber exclusions to be applied to traditional property and casualty policies. Such moves should provide the foundations for more industry-specific affirmative cyber cover.

Multinational Cyber Risk and Solutions Are EvolvingMultinational Cyber Risk and Solutions Are Evolving
Cyber risks are evolving fast, and the situation is especially acute for multinational businesses. Multinational companies are increasingly exposed to large, complex cross-border cyber risks through their supply chains, third-party vendors, and increasing levels of regulation, as highlighted in Chubb's recent report, Managing Tomorrow's Cyber Risks and Multinational Insurance.

Ransomware and Social Engineering Attacks GrowRansomware and Social Engineering Attacks Grow
Ransomware and social engineering attacks against C-level executives have increased in numbers and sophistication. Ransomware attacks doubled in the first quarter of 2019, according to Lloyd’s of London insurer Beazley, which experienced a 105% increase in the number of ransomware attack notifications by its clients in the quarter compared with the same period a year ago.

The Legality of RansomwareLegal Implications Regarding Ransomware
Jurriaan Jansen, privacy and cyber of Counsel at Norton Rose Fulbright LLP, talked us through the myriad of potential legal implications a ransomware attack could trigger. In this article, we summarise the five key takeaways from our discussion.

Can Cyber Be Covered In Traditional Forms of InsuranceCan Cyber Be Covered In Traditional Forms of Insurance?
In short, the answer is yes, but insurers are increasingly encouraged by regulators and rating agencies to remove “non-affirmative” coverage, so that they have a clear picture of their aggregate cyber risk and aren’t surprised by major losses in the market.

Setting the record straight on cyber insuranceSetting the Record Straight on Cyber Insurance
For almost 30 years, cyber insurance has covered the losses and expenses associated with a growing range of cyber perils. Despite, some uncertainty about its responsiveness, cyber insurance is an essential component of a comprehensive cyber risk management programme.

What Does Wi Fi Pineapple Device MeanCyber Buzzword of the Month – Pineapple Device
The affordable ‘Wi-Fi Pineapple’ was first released in 2008 by Hak5, a company that develops tools for penetration testers (ethical hackers). Its initial purpose was to help penetration testers educate users on how to protect themselves from public Wi-Fi attacks; while concurrently raising awareness about the spoofing and man-in-the-middle (MITM) vulnerabilities inherent in Wi-Fi technology. Unfortunately, criminals found a way to repurpose the device to facilitate the very attacks it was built to prevent.



  • Sarah StephensSarah Stephens

    As part of Marsh JLT Specialty's London-based Financial Lines Group, Sarah and her team work both directly with our clients and with network colleagues and independent partners to make sense of cyber, technology, and media E&O (PI) risks and create leading edge bespoke insurance solutions in the London market.

    Prior, Sarah spent 12 years with Aon in a variety of roles. Her last role at Aon was Head of Cyber & Commercial E&O for the Europe, Middle East, and Africa (EMEA) Region, working with colleagues across business groups and clients in the region to identify, analyse, and drive awareness of cyber risks, exposures, and both insurance and non-insurance solutions.

    Previously, Sarah spent seven years with Aon’s US Cyber and Errors & Omissions practice group thinking nonstop about cyber insurance way before it was cool. Her first four years at Aon were spent in the Account Management group working with large clients and developing a keen eye for excellent client service.

    For further information or to learn more about cyber insurance, contact Sarah Stephens, Head of Cyber, on +44 (0)20 3394 0486.

  • For more articles like this, download our Cyber Decoder

    Share this article