Form All

CYBER (AND OPTIONAL TECHNOLOGY ERRORS & OMISSIONS) POLICY APPLICATION (1)

General Information

Please list all website addresses including web and email domains

TURNOVER SPLIT BY STATE / TERRITORY

GST REGISTERED?

Loss History

During the past three years, did the Named Insured experience a cyber incident, claim or loss, whether insured or not, which could have been covered under a policy similar to the proposed insurance, this includes but is not limited to any:
  • i. actual or reasonably suspected data breach or security failure, including notifying consumers or third parties of a data breach or security failure;

  • ii. claims or complaints with respect to privacy injury, breach of information or network security, unauthorised disclosure of information, defamation, or content infringement;

  • iii. government action, investigation, or subpoena regarding any alleged violation of a privacy law or regulation; or

  • iv. actual or attempted extortion demand with respect to (insured’s) data or computer systems. If yes, please explain the cyber incidents and/or claims.
Does the Named Insured have knowledge or information regarding any fact, circumstance, situation, or event that could reasonably give rise to a claim or loss under the proposed insurance?
If the Named Insured has knowledge or information regarding any fact, circumstance, situation, or event that may give rise to a claim or loss under the proposed insurance policy, any claim or loss arising therefrom is excluded from the coverage.

Security Controls

Does the Named Insured implement encryption on laptop computers, desktop computers, and other portable media devices?
Does the Named Insured collect, process, store, transmit, or have access to any Payment Card Information (PCI) or Personally Identifiable Information (PII), other than employees of the Named Insured?
If yes, what is the estimated annual volume of payment card transactions (credit cards, debit cards, etc.)?
If yes, how many PII records does the Named Insured collect, process, store, transmit, or have access to?
Does the Named Insured maintain at least weekly backups of all sensitive or otherwise critical data and all critical business systems offline or on a separate network?

For which of the following services does the Named Insured enforce Multi-Factor Authentication (MFA)?

Email
Virtual Private Network (VPN
Remote Desktop Protocol (RDP), RDWeb, RD Gateway, or other remote access
Network / cloud administration or other privileged user accounts

Does the Named Insured require a secondary means of communication to validate the authenticity of:

Funds transfer requests before processing a request in excess of $5,000?
Any request to change banking details?
Within the last 3 years has the Named Insured been subject to any complaints concerning the content of its website, advertising materials, social media, or other publications?
Does the Named Insured enforce procedures to remove content (including third party content) that may infringe or violate any intellectual property or privacy right?

Useful Links

Products

Offering a wide range of General Insurance products and Risk Management solutions to clients.
REQUEST A QUOTE