• Admitted Cyber insurance product

• Structure and wording designed specifically for BCBS Plans• Cover available for Dependent BI, System Failure, Technology E&O

• Up to $125m capacity • Dedicated Primary limit up to $75m• Shared Umbrella layer of $50m (with 3 reinstatements)

• Reinsurance capacity provided by various Lloyd’s and international markets

• Claims agreement from just 2 reinsurers

What is CyberBlue?

Plan 1 Plan 2 Plan 3 Plan 4 Plan 5 Plan 6 Plan 7 Plan 8 Plan 9 Plan 10 Plan 11 Plan 12 Plan 13

$50m xs of primary layer with 3 reinstatements @ 100% of original premium

Umbrella / Excess

Primary $20m minimum

$20m $20m

$50m$50m

$40m$50m

$40m $30m$50m $50m

$20m$30m

$40m

1st Reinstatement

2nd Reinstatement

3rd Reinstatement

What is CyberBlue?

Most Important Business Risks in 2018Allianz Risk Barometer

Cyber 1st Most Concerning RisküUK – 60%üUSA – 45%üAustria – 70%üBelgium – 43%üNetherlands – 54% üBrazil – 38%üAustralia – 49%üIndia – 41%üIndonesia – 40%üSingapore – 42%üSouth Africa – 38%

Cyber 2nd Most Concerning RisküFrance – 46%üGermany – 51%üItaly – 38%üCanada – 34%üChina – 31%üHong Kong – 32%üJapan – 42%üSouth Korea – 39%üMorocco – 36%

01

02

03

04

05

Historicalü Privacy Breachü Cyber Crime & Fraudü Data and Software Lossü Extortion

Historical coverages continue to beenhanced with service panels tomitigate losses and improve cyberrisk management.

Currentü Cyber Physical Damageü Physical BI with Cyber Peril triggerü Reputational Harm

Coverage continues to expand to other lines ofbusiness with a cyber peril trigger. Increasingconcern surrounding Non-Affirmative cyberdriving growth in this area as the affirmationprocess happens. Expansion to cover otherintangible assets such as Rep Harm.

Long termü Other Intangible Assets

Intangible Assets account for morethan 85% of S&P 500 companies.As the importance of Intangibleassets continues to grow forcompanies balance sheets,insurance will need to evolve toprotect these assets.

Recentü Business Interruption/CBIü Network Failure

In recent years coverage hasexpanded to focus on BI/CBI asdemand increases, risk modellingmatures and losses materialize in thisarea.

Near termü IP Theft

Innovation by leading carriers tostay at the forefront of the marketand address gaps in coverage. IPTheft Insurance is a naturalcoverage for future Cyber policies.

Short and Long Term Horizon

Development of Cyber Insurance Coverages

Development of Industry Risk Understanding and Modelling

Maturity

6

Fines: Quantum & Coverage

Name Date Amount ($m)

Target Nov 2013 $300m Gross ExpensesHome Depot Sep 2014 $298m Gross Expenses

Anthem Feb 2015 $148m Gross Expenses$115m Security Improvements$16m HIPAA Settlement

Yahoo Sep 2016 $350m Reduced Acquisition Price$85m Customer Class Action$35m SEC Fine$80m Securities Class Action$29m Shareholder Derivative

£0.25m ICO Fine (DPA 1998)Uber Nov 2016 $148m U.S. Attorney General Settlement

€0.4m French CNIL Fine€0.6m Dutch DPA Fine

£0.385m ICO Fine (DPA 1998)Equifax May 2017 $430m Gross Expenses to Date

$514m Total Estimated Gross Expenses£0.5m ICO Fine (DPA 1998)

Facebook Sep 2018 £0.5m ICO Fine (DPA 1998)British Airways Sep 2018 £183.0m ICO Fine (1.6% of Revenue)

Marriott Nov 2018 $250m *Estimated Insurance Loss TD£100m ICO Fine (0.6% of Global Revenue)

*Data as of July 2019

Decription

Moral Hazard

Punitive

Nature

Stimulates Growth

The ICO has not yet specified if insurance coverage is ruled out on itsfines, meaning incidents are generally being treated on a case by casebasis. A spokesperson for the ICO said last year that there was“nothing in the GDPR which either permits or prohibits insurancecoverage for regulatory fines.”

9