ACE Group, a multiline property and casualty insurer, last week announced the launch of ACE’s Global Cyber Facility, which goes beyond standard risk transfer by incorporating a comprehensive risk management solution into a single policy purchase.
ACE’s Global Cyber Facility provides up to $100 million of primary capacity. The solution incorporates integrated loss control services provided by cyber-security experts, a proprietary application process designed to assess an organization’s current risk profile, a specialized policy form, comprehensive claims management, and ongoing, detailed analysis to help organizations detect potential weaknesses that could give rise to future cyber attacks.
“Boards recognize that cyber insurance is a priority, but they also know that risk transfer isn’t enough," said Toby Merrill, division senior vice president, Global Cyber Risk Practice, ACE Group. "Risk managers are asking for a comprehensive strategy that helps them assess their cyber and data privacy risk, incorporates appropriate loss control services to mitigate losses before they happen, provides access to post breach services to assist them in the event of a breach, and offers higher limits to meet their coverage needs."
Features of ACE’s Global Cyber Facility include increased primary capacity to meet the needs of large insureds, with up to $100 million per insured for qualifying risks globally. Furthermore, ACE will act as the single point of contact for all Global Cyber Facility components including underwriting each risk, evidencing global coverage, managing the claims process, and coordinating loss control services both pre- and post- incident.
The integrated loss control service offering includes the following:
Core security defense, which incorporates a review of the implementation of and compliance with industry standard security controls for protecting information;
Enterprise risk management, which measures the completeness of vision and cultural awareness of information security and privacy at the board level;
Incident response capabilities, which measures the detection and response capabilities in the event of a network security or confidential data compromise;
Business interruption calculation, which calculates the financial outcome based on the organization’s ability to withstand and recover from interruptions in network operations; and
Data analytics and industry metrics, which provides an “outside looking in” perspective on cyber attacks. Provided on an ongoing basis throughout the life of the policy, this analysis combines data from multiple vendors with ACE’s own proprietary claims data, giving insureds insight into current threats that could lead to a compromise of the network or a data breach.
The loss control services offering incorporates five core strategies, with one or more services provided by BitSight, FireEye, Navigant, NetDiligence, Promontory Financial Group, and/or Verizon Enterprise Solutions. Product highlights are summaries only; see the actual policy for terms and conditions. All products and services may not be available in all instances. Product offerings may vary by ACE location.