Someone who acts for another person (the principal) usually for reward. There are four main classes of agent that may be involved in the underwriting of insurance and reinsurance risks by Lloyd’s underwriters: members’ agents, managing agents, brokers and coverholders.
Total (limit of indemnity, premium, retention etc).
Extremely large data sets that can be analysed computationally to reveal patterns, trends, and associations, especially relating to human behaviour and interactions.
A type of digital currency in which encryption techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank.
A blockchain is a public ledger of all Bitcoin transactions that have ever been executed. It is constantly growing as ‘completed’ blocks are added to it with a new set of recordings. The blocks are added to the blockchain in a linear, chronological order.
From the term web log, a type of website, usually in reverse chronological order, maintained by an individual with regular entries.
The services provided by a chosen specialist to assist an insured during a data breach or cyber related crisis and can provide services such as expert forensic, legal, notification and credit monitoring services.
At Lloyd’s, brokers act as the agent of the insured or reinsured to arrange insurance or reinsurance with Lloyd’s syndicates.
Any income realised as a result of business activity.
Type of insurance that covers the loss of income that a business suffers after a disaster. The income loss covered may be due to disaster-related closing of the business facility or due to the rebuilding process after a disaster.
A claim is payable under an insurance or reinsurance contract if it is caused by an insured peril and it is not excluded under the terms of that contract.
Where shared resources are stored and accessed, usually online instead of locally.
Can be defined as the set of resource circulation systems, which enable consumers to both “obtain” and “provide”, temporarily or permanently, valuable resources or services through direct interaction with other consumers or through a mediator.
An act using computers and the Internet to defraud people, companies, or government agencies of money, revenue or internet access
A class of malware designed specifically to automate cybercrime. It is distinguished from adware, spyware and malware because it is designed to perpetuate identity theft in order to illegally access and use another’s online accounts
The communications and decision-making component of an overall Business Continuity Plan (BCP). A thorough Crisis Management Plan facilitates rapid communication to ensure overall safety to both internal and external stakeholders
Crowdfunding is the use of small amounts of capital from a large number of individuals to finance a new business venture
Digital asset designed to work as a medium of exchange using cryptography to secure the transactions and to control the creation of additional units of the currency.
Cyber insurance covers the losses relating to damage to, or loss of information from, IT systems and networks. Policies generally include significant assistance with and management of the incident itself, which can be essential when faced with reputational damage or regulatory enforcement
Third-party coverage for liability arising from the failure of an insured to prevent unauthorized use or access of it its network, transmission of a computer virus to a third party, theft of confidential information, or denial-of-service. In the digital age, all businesses should consider purchasing some form of cyber insurance to protect themselves.
Damage to property caused by a security breach such causing a power station to shut down
Using the internet to commit terrorist acts that cause fear or panic
An attack on the technology used by an individual or organisation, using technical and social engineering techniques to gain unauthorised access to data and systems
Cybercrime is defined as a crime in which a computer is the object of the crime such as hacking, phishing, spamming or is used as a tool to commit an offense. Cybercriminals may use computer technology to access personal information, business trade secrets, or use the internet for exploitive or malicious purposes
Cyberextortion is a crime involving an attack or threat of attack coupled with a demand for money to avert or stop the attack. Cyberextortion can take many forms including denial of service attacks against corporate websites or demanding that money be wired to a bank account
Any incident in the form of a threat or connected series of threats to commit an intentional computer attack against an insured
Machine readable information held, stored or processed on a network
Intentional or unintentional release of confidential information to an untrusted source or environment.
Term for libel and slander and is based around statements that damage the reputation of others.
Action preventing an information system from functioning in accordance with its intended purpose such as flooding a system to prevent it from servicing normal and legitimate requests. Denial of Service attacks make computer resources unavailable to users.
A term used to describe data and programs that exist in a network and come with the right to use.
Conversion of data into a form called ciphertext that cannot be easily understood by unauthorized users. To recover the contents of an encrypted signal, the correct decryption key is required.
Liability insurance that protects professionals from claims of negligence indemnifying them for the cost of defending the claims.
The term coined to describe the intersection between finance and technology. It may refer to technical innovation being applied in a traditional financial services context or it may refer to innovative financial services offerings which disrupt the existing financial services market.
The costs involved to restore re-collect or replace the data including expenses for materials, rented or leased equipment, third party services, additional working time and overhead cost allocations at the affected location(s) associated with restoring and replacing the data.
Is a regulation by which the European Parliament, the European Council and the European Commission intend to strengthen and unify data protection for individuals within the European Union (EU). Potential fines of 4% of global annual turnover, or €20,000,000 if companies fail to comply.
Labour market characterized by the prevalence of short-term contracts or freelance work as opposed to permanent jobs.
Included within GLBA are multiple sections relating to the privacy of financial information. Companies must provide written notice to consumers of their privacy rights and explain the company’s procedures for safeguarding data.
An event, typically lasting several days, in which a large number of people meet to engage in collaborative computer programming.
Persons who use computer skills to trespass, uninvited, into another’s computer system and compromises computer security or gaining unauthorized access to a computer file or system.
The liability that results from a breach of an electronic network
Contract between two parties whereby one party agrees to indemnify the other in the event of a specified peril
An asset that is not physical in nature such as patents, trademarks, copyrights and business plans. Brand recognition and reputation could also be viewed as an intangible asset.
Covers areas such as patent infringement liability, contractual indemnities, pursuit of infringers and loss of IP rights. Businesses that rely on IP to derive value should consider this insurance to defend against or pursue a competitor.
A global computer network providing a variety of information and communication facilities, consisting of interconnected networks using standardized communication protocols.
Refers to networks of objects that communicate with one another and with computers through the Internet. ‘Things’ may include virtually any object for which remote communication, data collection, or control might be useful.
A local or restricted communications network, especially a private network created using World Wide Web software.
Any unauthorized, corrupting, or harmful virus, Trojan Horse, worm, logic bomb or other similar software program, code or script designed to insert itself onto a computer disk or into computer memory and migrate from one computer to another.
Software intended to infiltrate and damage computers (abbreviation of malicious software).
Type of liability insurance designed for a range of media related firms such as publishers and broadcasters. Policies can be written on a named perils basis and cover areas such as defamation, invasion of privacy, infringement and plagiarisim.
The science of manipulating materials on an atomic or molecular scale to build microscopic devices
The hardware and/or software making up a data communications system.
(See Privacy Notification Costs)
The practice of lending money to individuals or businesses through online services that match lenders directly with borrowers.
Merchant service provided by an e-commerce application service provider that authorizes credit card or direct payment processing.
A set of policies and standards for securing credit and debit cards information.
Denoting or relating to networks in which each computer can act as a server for the others, allowing shared access to files and peripherals without the need for a central server.
Any information that can be used to distinguish one person from another and can be used for de-anonymizing anonymous data can be considered PII.
A system mostly used in restaurants and hotels in which a computer replaces a cash register accepting credit and debit card data
The unauthorised access, acquisition or use of PII resulting from a network security breach
Incurred by a company when its computer system is breached by a third party or past, or present employee, personally identifiable information is released to unauthorized persons.
A form of malware in which an unauthorized user inserts a computer virus to encrypt data and then demands money for the decryption key to restore the data.
The data of a natural person including name, social security number, driving license number, credit card number, employment records and/or medical records.
Civil fine or civil monetary penalty imposed in a regulatory proceeding payable by the Insured to the government entity bringing such regulatory proceeding in such entity’s regulatory or official capacity
Insurance coverage for the reduction in business income from the loss of customers caused by a damaged reputation from a network security breach
Online wealth management service that provides automated, algorithm-based portfolio management advice without the use of human financial planners
Software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted
Landmark piece of Internet legislation in the United States which provides immunity from liability for providers and users of an interactive computer service who publish information provided by others
Economic system in which assets or services are shared between private individuals, either free or for a fee, typically by means of the Internet
Posting something false and damaging to someone’s reputation
Computer protocols that facilitate, verify, or enforce the performance of a contract, or that make a contractual clause unnecessary.
Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people into breaking normal security procedures
Online services that bring people together by organizing them around a common interest and providing an interactive environment of photos, user profiles and messaging
Damage to computer programs or other data caused by a network security breach.
An asset that has a physical form such as buildings or land
The failure of the insured to provide the technology services set out to a client or third party resulting in negligence.
Insurance coverage for claims made against an Insured by a party not involved in the insurance contract such as a member of the public
In an insurance policy time retention means the number of hours that must have passed before recovery of business income can be claimed
A program containing additional, hidden code that causes it to launch unauthorized functions, including possible data destruction.
Obtaining evidence of identity by two independent means, eg knowing a password and receiving a pass code via a mobile phone.