This highly interactive session is designed to provide participants with knowledge and understanding of the Data Protection Act and the importance of data protection for insurers and insurance professionals.
This workshop covers cybersecurity that can used by a company and introduces the two basic types of insurance cover that can be used by insurance professionals for the implementation of a more general risk management plan in their sphere of operation.
At the end of the session, participants will be able to:
• Understand key requirements of the Data Protection Act of T&T;
• Understand the importance of data protection for Insurers and others working in the insurance industry
• Understand implications for data breaches
• Understand risk mitigants to deal with data breaches
At the end of this workshop participants understand:
At the end of this workshop participants understand:
Why Cybersecurity Risk Management is important?
The need for a Company/business to create a cybersecurity strategy to protect itself because of increased cyber-attacks.
The motivation for the same. Financial extortion; the thrill of the challenge by hackers
To prevent litigation or minimize the effects of the same
How to Build the right Management Culture.
Investing in awareness training – Training Staff etc.
Stressing the importance of “Cyber Hygiene”- Daily routines and behaviours of security teams or personnel.
Inviting different Perspectives – Collaborating with third party experts
How to assess Cybersecurity Risks.
Performing a Data audit
Vulnerability and Penetration Tests
Guarding against phishing, ransomware and online scams
How to implement a Response Plan.
First Responders: Having a blue team or someone responsible for engaging with the system upon notification or awareness of a Cybersecurity incident. Containment and isolation of threats on systems or networks. Eradication of infected files, folders etc.
Forensics (second responders): Threat hunting for attack vectors etc., checking on your system’s integrity, security and level of data loss. Confirming that your system is ready for your operations to return to normal.
Recovery: Restore your system and network to its state pre-incident operation; informing the police and clients.
Monitoring: Continue to monitor the results of your response plan (this could include the use of specific applications); keeping logs, keeping all stakeholders informed regarding the state of your cybersecurity.
How Business Insurance (Cyber Security Insurance) can help.
Cyber liability insurance policy
The Cost of notifying customers of a data breach
Credit monitoring services
Computer forensic services needed to investigate the attack
Business interruption costs
Ransome in the situations of cyberextortion
Défense costs in civil claims filed against you by affect parties
Tech errors and omissions insurance policy
Covers lawsuits related to professional mistakes
Missed deadlines- not complying to a standard in a timely manner
Data breaches resulting from human errors
The Data Protection Act and You
Sarita Parsad is an Attorney who has been working in the insurance industry for the past fourteen years. She possesses experience handling insurance regulatory matters and all issues pertaining to insurance property and casualty claims. She currently holds the position of Head, Legal & Compliance at Trinidad & Tobago Insurance Limited (TATIL), where she is responsible for all compliance related issues across T&T and Barbados.
Ms. Parsad possesses a Bachelor of Laws Degree (LLB) with honours and a Masters in Law Degree (LLM, Corporate and Commercial Law) from the University of the West Indies, a Master’s Degree in Business Administration (MBA) from Henley School of Business, UK, and an Advanced Diploma (ACII) from the Chartered Insurance Institute in the UK where she is a Member of the Society of Claims Professionals. She is currently enrolled in the Fellowship Program at the Chartered Insurance Institute and actively pursuing an MSc in Insurance and Sustainable Risk Management at Glasgow Caledonian University, UK.
Cyber Security Risk Management for Insurance Professionals
Shiva V. N Parasram is the Executive Director, CISO and Chief Infosec Awareness Officer and Trainer at the Computer Forensics and Security Institute (CFSI) where he spearheads the Purple Team in Vulnerability Assessments, Penetration Testing, Digital Forensics, Threat Intelligence and Advanced Cybersecurity Training. He has been in the Cybersecurity field for over 18 years and holds an MSc. In Network Security (Distinction) from Anglia Ruskin University (UK) along with over 15 other industry relevant certifications and is the only Certified EC-Council Instructor (CEI) in the Caribbean.
He has trained hundreds of persons in various technical certifications including CCNA, CND, CEH, CHFI, ECSA, CTIA, CCISO and other international cybersecurity certification programmes. He is currently partnered with international companies including PTRMS (Canada), Fujitsu (Caribbean) and Pure-ICT Academy (Curacao) and has also authored three books for international publishers, Packt Publishing on Penetration Testing and Digital Forensics. Over the past 5 years, he has also delivered workshops, lectures and keynote speeches regionally and internationally for many large companies, security bodies, universities, law associations and others.