Loading...
The URL can be used to link to this page
Your browser does not support the video tag.
Home
My WebLink
About
Resolution - 2022-R0401 - Network Security, Privacy and Media Insurance
Resolution No. 2022-RO401 Item No. 5.6 September 27, 2022 RESOLUTION BE IT RESOLVED BY THE CITY COUNCIL OF THE CITY OF LUBBOCK: THAT the City Manager of the City of Lubbock is hereby authorized and directed to purchase for and on behalf of the City of Lubbock, Network Security Privacy Insurance coverage from Obsidian Specialty Ins. Company, who is yet to be determined, for which the premium amount shall not exceed $235,128.53; and THAT the City Manager may execute any routine documents and forms associated with said insurance coverage. Passed by the City Council this ATTEST: -V, au, Reb ca Garza, City Secr APPROVED AS TO CONTENT: D. Blu Kostelich, Chie inancial Officer APPROVED AS TO FORM: —dvj ��� Jeff sell, Deputy City Attorney September 27, 2022 RES.Risk Mgmt-Obsidian Specialty Ins [Network Security] September 13, 2022 Resolution No. 2022-RO401 Cyber Liability Insurance Company: Obsidian Specialty Insurance Co. (Cowbell) Policy Term: 10/01/2022 to 04/01/2024 Coverage: Cyber Liability insurance protects the organization from losses due to Notification expenses, Business Interruption expenses, Cyber extortion or ransom and regulatory fines and penalties to name a few coverage clauses that address first and third party losses from a cyber attack. Privacy Liability insurance coverage protects businesses against the liabilities and expenses arising from a theft, loss of unauthorized use of personal information (PI), personal health information (PHI) or corporate confidential (CC) information. Annual Premium: Option 1: $120,536.79 — Including all Taxes & Fees $1M Limit/$1M Business Interruption Limit Option 2: $108,003.50 — Including all Taxes & Fees $1M Limit/$250K Business Interruption Limit Option 3: $157,387.50 — Including all Taxes & Fees $2M Limit/$2M Business Interruption Limit Option 4: $139,550.25 — Including all Taxes & Fees $2M Limit/$250K Business Interruption Limit Options to get to 4/1: Option 1: $180,549.70 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $1M Limit/$1M Business Interruption Limit Option 2: $161,732.45 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $1M Limit/$250K Business Interruption Limit Option 3: $235,128.53 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $2M Limit/$2M Business Interruption Limit Option 4: $208,043.19 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $2M Limit/$250K Business Interruption Limit (Expiring) CowbellCowbell Option Policy Period September 30, 2021- October 1, 2022 October 1, 2022 - April 1, 2024 Limits of Liability Aggregate Limit of Liability $1,000,000 $1,000,000 Claims Made Dates Retroactive Date Full Prior Acts ( 9/30/21 for Reputational Full Prior Acts ( 9/30/21 for Reputational AmendatoryGeneral . Harm Expense Only) Harm Expense Only) Acquisition Threshold 20% of Named Insured Revenues 20% of Named Insured Revenues Hammer (Settlement) Clause 50/50 70/30 Additional Insured - Blanket N/A Included Language pursuant to a contract Period of Restoration for Business 180 days 180 days Interruption This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. p 2021 USI Insurance Services. All rights reserved. W.120 Third Party Liability Coverages Network and Information Security $1,000,000 $1,000,000 Liability Regulatory Fines and Penalties $1,000,000 $1,000,000 Media Liability $1,000,000 $1,000,000 PCI Fines and Penalties $1,000,000 $1,000,000 First Party Liability Coverages Cyber Incident Response Fund $1,000,000 $1,000,000 Breach Response Separate Limit (In N/A N/A addition to aggregate) Business Interruption Loss resulting $250,000 $1,000,000 from a Security Breach Business Interruption Loss resulting $250,000 $1,000,000 from a System Failure Dependent Business Loss resulting $250,000 $1,000,000 from a Security Breach Dependent Business Loss resulting N/A N/A from a System Failure Voluntary Shutdown $250,000 $1,000,000 Digital Asset Destruction Data $1,000,000 $1,000,000 Retrieval & System Restoration Reputational Harm $500,000 $500,000 Cyber Extortion Loss $1,000,000 $1,000,000 • • Waiting Period: 24 hours 10 Hours / 12 hours for Rep Harm Retention: $100,000 $100,000 COVERAGE• Criminal Reward $100,000 $100,000 Invoice Manipulation $250,000 $250,000 Social Engineering $250,000 $250,000 Utility Fraud $100,000 $100,000 Bodily Injury Liability Coverage N/A N/A Computer Hardware Replacement $250,000 $1,000,000 Costs ("Bricking")NOTABLE EXCLUSIONS: The following Exclusions apply to your policy coverage unless otherwise indicated. Refer to your policy for. p - BIPA Exclusion Endorsement Any actual or alleged violation of the Illinois Biometric Information Protection N/A Act, or any amendments to the foregoing, or related federal, state or international law related to the collection of biometric information. Extortion Event Exclusion N/A N/A This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. �.I 21 Cowbell •. Option Policy Period October 1, 2022 - April 1, 2024 October 1, 2022 - April 1, 2024 Limits of Liability Aggregate Limit of Liability $1,000,000 $1,000,000 Claims Made Dates Retroactive Date Full Prior Acts ( 9/30/21 for Reputational Full Prior Acts ( 9/30/21 for Reputational AmendatoryGeneral . Harm Expense Only) Harm Expense Only) Acquisition Threshold 20% of Named Insured Revenues 20% of Named Insured Revenues Hammer (Settlement) Clause 70/30 70/30 Additional Insured - Blanket Included Language Included Language pursuant to a contract Period of Restoration for Business 180 days 180 days Interruption Third Party Liability Coverages Network and Information Security $1,000,000 $2,000,000 Liability Regulatory Fines and Penalties $1,000,000 $2,000,000 Media Liability $1,000,000 $2,000,000 PCI Fines and Penalties $1,000,000 $2,000,000 First Party Liability Coverages Cyber Incident Response Fund $1,000,000 $2,000,000 Breach Response Separate Limit (In N/A N/A addition to aggregate) Business Interruption Loss resulting $250,000 $2,000,000 from a Security Breach Business Interruption Loss resulting $250,000 $2,000,000 from a System Failure Dependent Business Loss resulting $250,000 $2,000,000 from a Security Breach Dependent Business Loss resulting N/A N/A from a System Failure Voluntary Shutdown $250,000 $2,000,000 Digital Asset Destruction Data $1,000,000 $2,000,000 Retrieval & System Restoration Reputational Harm $500,000 $1,000,000 Cyber Extortion Loss $1,000,000 $1,000,000 Waiting Period: 10 Hours / 12 hours for Rep Harm 10 Hours / 12 hours for Rep Harm Retention: $100,000 $100,000 COVERAGE•include, Criminal Reward $100,000 $100,000 Invoice Manipulation $250,000 $250,000 Social Engineering $250,000 $250,000 This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. M1.122 Utility Fraud $100,000 $100,000 Bodily Injury Liability Coverage N/A N/A Computer Hardware Replacement $250,000 $1,000,000 Costs ('Bricking")NOTABLE EXCLUSIONS: The following Exclusions apply to your policy coverage unless otherwise indicated. Refer to your policy.r a comple BIPA Exclusion Endorsement Any actual or alleged violation of the Illinois Biometric Information Protection N/A Act, or any amendments to the foregoing, or related federal, state or international law related to the collection of biometric information. Extortion Event Exclusion N/A N/A This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. W.123 Policy Period Limits of Liability Aggregate Limit of Liability Claims Made Dates October 1, 2022 - April 1, 2024 $1,000,000 Full Prior Acts ( 9/30/21 for Reputational Retroactive Date Harm Expense Only) Acquisition Threshold Hammer (Settlement) Clause Additional Insured - Blanket pursuant to a contract Period of Restoration for Business Interruption Network and Information Security Liability Regulatory Fines and Penalties Media Liability PCI Fines and Penalties Cyber Incident Response Fund Breach Response Separate Limit (In addition to aggregate) Business Interruption Loss resulting from a Security Breach Business Interruption Loss resulting from a System Failure Dependent Business Loss resulting from a Security Breach Dependent Business Loss resulting from a System Failure Voluntary Shutdown Digital Asset Destruction Data Retrieval & System Restoration Reputational Harm Cyber Extortion Loss Waiting Period: Retention: Criminal Reward Invoice Manipulation Social Engineering Utility Fraud Bodily Injury Liability Coverage 20% of Named Insured Revenues 70/30 Included Language 180 days $2,000,000 $2,000,000 $2,000,000 $2,000,000 $2,000,000 N/A $250,000 $250,000 $250,000 N/A $2,000,000 $2,000,000 $1,000,000 $1,000,000 10 Hours / 12 hours for Rep Harm $100,000 $100,000 $250,000 $250,000 $100,000 N/A This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. 24 Computer Hardware Replacement Costs ("Bricking") $1,000,000 BIPA Exclusion Endorsement Any actual or alleged violation of the Illinois Biometric Information Protection Act, or any amendments to the foregoing, or related federal, state or international law related to the collection of biometric information. Extortion Event Exclusion I N/A Subiectivities: • An incident response plan required to be put in place within 60 days post policy effective date. Cowbell Cyber can help with this: https:Hcowbell.insure/incident-response-plan/ . NFP also can provide client with templates upon request. • Completed Surplus Lines Tax Documentation (to be completed with assistance of Broker) NOTE. This summary is not intended to be a complete overview of your insurance program, other exclusions and conditions may exist. Please consult actual polity for additional terms, conditions and exclusions. Excluded coverage or other coverages sought may be available: please discuss with USI Other exclusions and policy limitations may apply. Please refer to the actual policies for specific terms, conditions, limitations, exclusions and sublimits that will govern in the event of a loss. This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. W.125 Cyber Liability Marketing Summary Cowbell (Incumbent) 1 AmTrust AXIS Tokio Marine HCC At -Bay Quoted Declined Declined Declined Declined Option 1: $120,536.79 — Including all Taxes & Fees $1M Limit/ $1M Business Interruption Limit Option 2: $108,003.50 — Including all Taxes & Fees $1M Limit/ $250K Business Interruption Limit Option 3: $157,387.50 — Including all Taxes & Fees $2M Limit/ $2M Business Interruption Limit Option 4: $139,550.25 — Including all Taxes & Fees $2M Limit/ $250K Business Interruption Limit Option 1: $180,549.70 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $1M Limit / $1M Business Interruption Limit Option 2: $161,732.45 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $1M Limit / $250K Business Interruption Limit Option 3: $235,128.53 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $2M Limit/ $2M Business Interruption Limit Option 4: $208,043.19 — Including all Taxes & Fees 18mo policy term to 4/1/2024 $2M Limit/ $250K Business Interruption Limit $78,693.75 — Including Taxes & Fees Quote does not include ransomware related coverage. Coverage could be added once particular controls are implemented as noted below: • EDR on 100% of endpoints • DKIM and DMARC Furthermore, they did have some additional questions that I have included below. • Can critical patches be deployed in less than 7 days. How do they prioritize their criticality • Do they do vulnerability scanning of their network? • Does End of Life software have any critical information? and are there plans to decommission? • Which cloud backup vendor do they use? • Is phishing training required for all employees? 18Mo Policy Term Option Not Available Unable to Compete Unable to Compete Due to Population over 150,000 Due to Nature of Operations AXA XL DeclinedIDue to Nature of Operations This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. © 2021 USI Insurance Services. All rights reserved. . 26 Corvus Declined Due to Size of Citv Coalition AIG _ _ Declined Due to Nature of Operations Declined Due to Concerns with Current Controls in place Ambridge Declined Due to Size of City Ascot Declined Due to Nature of Operations CNA Declined Due to Nature of Operations AWAC Declined Due to Nature of Operations Arch Declined Due to Nature of Operations Crum & Forster Declined Due to Revenue of Municipality CFC Declined Due to Nature of Operations Beazley Declined Due to Nature of Operations Sompo I Declined Due to Nature of Operations This proposal is merely a descriptive summary of coverage provided by the insurance companies being proposed and should be used for reference purposes only; it is not a binder and does not amend or alter the insurance contract. Please refer to the policy contract for specific terms, conditions, limitations, and exclusions. Proposal date: 09/06/2022 Prepared for City of Lubbock Confidential. (D 2021 USI Insurance Services. All rights reserved. W.127