Zurich Insurance Academy: Cyber programs

What you will learn
This course dissects the cyber security insurance policy, providing an in-depth analysis of both first- and third-party coverages, exclusions and conditions that can impact coverage.

Outcome
As a result of this training, you will:

• Understand and analyze first- and third-party cyber exposures and how they are covered in a cyber security insurance policy.
• Identify exclusions and conditions that can impact how a cyber insurance policy may respond under different scenarios.
• Understand why cyber policies from different carriers are difficult to compare.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All: Any company that collects and processes customer data, maintains databases that contain sensitive information critical to competitive survival, and/or conducts internet and/or cloud-based operations needs cyber security insurance. This means nearly every organization is a candidate for this coverage, yet most organizations do not have cyber security insurance or a robust cyber security risk-management plan.

Skill development
Industry knowledge
Selling

Overview
In the midst of the growing frequency and severity of data and privacy breaches around the world, legislators and regulators are stepping up the implementation and enforcement of data security and privacy laws. The approaches can be different based on geography. The European Union has implemented data breach and privacy laws and regulations that cover the entire European Union, while the United States has a wide variety of federal and state cyber security laws and regulations that are not necessarily consistent, and often conflict. Regardless, businesses must comply with data breach and privacy laws and regulations in all of the jurisdictions in which they operate, and this may require different approaches for each region.

Outcomes
As a result of this training you will:

• Learn major cyber security rules and regulations in effect in the U.S. and throughout the world.
• Understand why cyber security legislation impacts business risk management and insurance decision-making.
• Analyze strategies that can help organizations develop a unified, cross-national strategy to cope with multiple privacy laws.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All

Skill development
Industry knowledge
Selling

Overview
The California Consumer Privacy Act (CCPA) of 2018 provides significant and expanded privacy protections to consumers and imposes new requirements on businesses to ensure those protections are properly implemented.

This course reviews the California statute in depth, analyzing the consumer protections incorporated into the law, who must comply, penalties and remedies for non-compliance. The program compares the CCPA with the General Data Protection Regulation (GDPR) implemented by the European Union and explains why compliance with the GDPR will not necessarily be adequate to comply with the CCPA.

Finally, the program explains the linkage between privacy and ethical behavior and why insurance practitioners have an added duty of responsibility to maintain and protect consumer information.

Outcomes
As a result of this training you will:

• Understand the purpose and objectives of the California Consumer Privacy Act (CCPA) of 2018.
• Learn why the CCPA has global implications, given the size and importance of California’s economy and consumer population, and the implications for business.
• Learn how the law broadens privacy protections beyond other privacy laws in the U.S. and around the world.
• Recognize the connection between privacy and ethics and the additional demands and responsibilities imposed on the insurance industry and its practitioners to protect consumer privacy.

Course duration
3 hours

Continuing education credit
3 credits (Note: this course is eligible for California ethics credit)

Relevant industries
All

Skill development
Industry knowledge
Selling

Overview

Privacy is an ethical matter: We as a society are required to make judgments as to what degree of privacy people are entitled without compromising the collective needs of society at large. A stark example of this involves the pandemic. Some countries, like South Korea, have extensive contact tracing programs that track the health status of individuals and then broadcast that information broadly in order to more effectively identify and isolate individuals who may be infected. Such a program may be acceptable in other countries. It would be difficult to accomplish acceptance and buy-in in the United States, where privacy protections are more fiercely guarded.

The insurance industry collects more confidential personal and business data than any other industry, so industry practitioners need to be more sensitive to and protective of reasonable privacy concerns. At the same time, we must be able to effectively communicate the importance of, validity of, and justification for the information we collect.

Outcomes
As a result of this training you will:

• Learn the definition of privacy and the differences between privacy and confidentiality.
• Analyze and reconcile the differences between individual privacy needs and the need for societies at large to access information needed for the good of the group.
• Develop strategies for explaining how information shared by insureds can be used to improve insurance coverages and how such information is protected.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All

Skill development
Industry knowledge
Selling

Overview

This course reviews the scope and extent of the cyber security threat, and the types of exposures an organization can face. Businesses that sell products or services online, process transactions, advertise through digital media, ship/distribute their goods using a tracking system are all susceptible to cyber threats. In addition to identifying typical cyber threats faced by most companies using an online platform, the course also explains how cyber insurance addresses most of these cyber loss exposures. The course also emphasizes the importance of a company using a broad range of non-insurance risk management strategies to also address these exposures. 

Outcomes
As a result of this training you will:

• Recognize and understand how cyber security threats have evolved and become more sophisticated over time.
• Analyze the major coverage provisions in cyber security insurance, including coverage for first- and third-party risks.
• Understand the importance of a comprehensive, coordinated cyber security risk management program, and the capabilities and limitations of cyber insurance in such a program.

Course duration
1 hour

Continuing education credit
1 credit

Relevant industries
All

Skill development
Industry knowledge
Sales skills

Overview
Many industries are subject to cyclical conditions, which can favor the industry in “up” markets and penalize it in “down” markets.

The property-casualty industry is similar, and its ups and downs are referred to as soft and hard market conditions, respectively. This course explains how insurance market cycles work, and the characteristics of each. We explain how distributors can help businesses best manage the hard market and employ tools that may enable the insured to secure coverage on more favorable terms and conditions.

Outcomes
As a result of this training you will:

• Understand the impact and influence of general economic trends and developments on conditions in the insurance market.
• Identify characteristics of, and factors that cause, a soft or hard market.
• Learn strategies distributors can use to help their customers and their own agencies survive and prosper even in the most difficult hard market conditions.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All

Skill development
Industry knowledge
Selling

Overview
In this program, we review and analyze trends and developments that are increasing and/or changing the nature of cyber security threats, as well as the importance of developing and updating a comprehensive cyber security risk management program.

Outcomes
As a result of this training you will:

• Understand and be able to explain recent trends in cyber security threats and data breaches.
• Identify meaningful criteria for comparing cyber security coverages across carriers.
• Learn why effective cyber security requires a coordinated, integrated risk management program, combining both insurance and non-insurance strategies.
• Realize why stand-alone cyber insurance coverage may be the most effective insurance solution for this loss exposure, minimizing the potential for gaps and/or deficiencies in coverage.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All

Skill development
Industry knowledge
Selling

Overview
Cyber security continues to be considered a Top 10 risk to organizations of all sizes, according to a recent World Economic Forum survey of North American business leaders. Preventing such threats from doing catastrophic harm to a business requires a comprehensive risk management program, which includes cyber insurance.

The cyber insurance underwriting process is often challenging for distributor and customer alike, as most property and casualty coverages address tangible loss exposures. Cyber security involves protection of intangible assets, like customer data and other confidential personal and corporate information. In addition, cyber underwriters closely analyze an applicant’s existing cyber security management and infrastructure. This training helps demystify the cyber insurance underwriting process and can help the distributor provide supporting information and documentation that can favorably impact the quality and cost of coverage.

Outcome
As a result of this training, you will:

• Understand the cyber insurance underwriting process, including information about the applicant’s cyber security policies and protocols.
• Manage the underwriting process to help secure the most favorable coverage at the best possible rate.
• Recognize impediments to effective cyber insurance underwriting that a business may deliberately or inadvertently engage in.
• Learn how to use the National Institute of Standards and Technology (NIST) Framework to facilitate the cyber security underwriting process and achieve optimal outcomes for clients: maximum policy limits and broadest possible coverage terms for the lowest possible price.

Course duration
2 hours

Continuing education credit
2 credits

Relevant industries
All

Skill development
Industry knowledge
Selling