Chapter 9

Question 1

Define cyber risk

Answer 1

Is any risk of financial loss, disruption of business, or damage to an organizations reputation due to the failure of its information technology system

Question 2

Explain Denial of service (DoS) attack

Answer 2

Perpetrated internally or externally to disable an organizations network and e-commerce services
DDoS attacks when multiple compromised systems flood the bandwidth or resource of targeted system

Question 3

Explain social engineering attack

Answer 3

A set of techniques that cyber criminals use to induce the targeted custom to take an action
Includes: phishing, business email compromise, and URL hijacking

Question 4

Explain virus

Answer 4

a computer program that can copy itself or corrupt files on a targeted computer without the users permission or knowledge

Question 5

Explain Trojan horse

Answer 5

A legitimate program into which an unauthorized code is inserted, causing it to change its functions to the legitimate user or system owners

Question 6

Explain worm

Answer 6

A self-replicating computer program that uses a network to send copies of itself to other computer terminals on a network

Question 7

Explain theft of intellectual property

Answer 7

Can include copyright infringement, piracy of software, and theft of digital intellectual property
Includes corporate espionage

Question 8

Explain intrusion offences

Answer 8

Relate to unauthorized access to computer systems
Threat actors often execute ransomeware have system access

Question 9

Explain attacks to critical infrastructure

Answer 9

Threaten the basic structural foundations of this media
Attacks to critical computer infrastructure threaten the economy, public safety, public health, and the national security of a country

Question 10

Explain extortion

Answer 10

Use ransomeware to illegally access encrypt, and/or copy files and threaten to expose the files publicly, sell the data on the dark web, or otherwise make available the data if a ransom is not paid

Question 11

Explain web defacement

Answer 11

Refers to malicious altering of a webpage by intruders by inserting or substituting provocative and offending data

Question 12

Explain remote hacking

Answer 12

Software vulnerabilities in autonomous vehicles or drones are exploited to gain control of the vehicle or drone

Question 13

Explain deepfake attacks

Answer 13

Synthetic media that includes fake images, audio recordings, and videos by leveraging generative artificial intelligence

Question 14

Explain multi-vector threats

Answer 14

A combination of various attacks in a single attack campaign

Question 15

Explain bot scam

Answer 15

Viruses that take over large numbers of computers

Question 16

What are the exposures arising from cyber crime?

Answer 16

Loss of reputation-additional costs with trying to restore reputation via communication
Contingency business interruption- occurs as a result of a cybercrime that will affect the company’s ability to operate
Financial fraud-transactions can be compromised, or fradster might steal funds from active account
Theft of customer data
Identity theft- for both customers and employees

Question 17

Define cyber crime

Answer 17

Any crime where a cyber element (that is, the internet and information technologies such as computers, tablets, or smart phones) has a substantial role in the commission of a criminal offences

Question 18

What amendments have been made to the criminal code in regards to cybercrime?

Answer 18

The following actives are illegal:
Use a computer without authorization
Make a mischief in relation to data
Possess a device to obtain telecommunication facility or service without authorization
Steal telecommunication service

Question 19

What are ways to maintain and update technology resources in regard to cybercrime?

Answer 19

Install and maintain anti-virus software
Install and enable firewalls
Install software patches as they are made available
Use anti-spyware tools
Use outside technical expertise when required
Disable access to the network after employees are terminated

Question 20

What are ways to maintain vigilance on the network in regard to cybercrime?

Answer 20

Practice regular diagnostic testing and monitoring
Analyze operations to identify areas vulnerable
Remove unused software
Remove unused user accounts
Conduct reference checks on employees
Monitor employee online activity
Deal with internal and external sources
Implement a forensic response plan
Develop business continuity plans

Question 21

What are ways to insitiute employee protocols in regard to cybercrime?

Answer 21

Train all employees
Use a third party cybersecurity vendor
Document and implement policies and procedures
Implement password system
Use caution with email attachments
Limit access to information
Have users lock their computers
Restrict to whom employees send “out of office”
Limit or restrict use of hot spots as well as others
Do not allow downloads
Prepare a user agreement for computers; require employees to sign it

Question 22

Prior to granting cyber coverage underwriters want to verify what?

Answer 22

Established technology protocols
Employee user-agreement contracts that specify non-abuse of company data
The implementation and enforcement of IT security
A robust data recovery plan that is regularly backed up

Question 23

Define epidemic

Answer 23

An above-average but limited incidence of an infectious disease such as influenza, cholera, and severe acute respiratory syndrome.
Any disorder in which infectious viruses or bacteria are easily transmitted can cause an epidemic

Question 24

Define endemic

Answer 24

To the presence of an infectious disease in a certain region at all times for a significant percentage of the population
Example: Malaria

Question 25

Define pandemic

Answer 25

The spread of a highly infectious disease over a wide geographical area, such as a large part of a continent

Question 26

Explain blockchain

Answer 26

A technology platform that enables distributed leader technology (DLT) Contains transactions that record and track the transfer of assets between two or more parties These assets can be anything of value

Question 27

What are the advantages and disadvantages of blockchain?

Answer 27

Advantages: a record is encrypted (time and date stamped) links previous block, distributed ledger eliminates the need for multiple databases and errors that may arise, continually synced through a protocol referred to as a consensus Disadvantages: hacker would have to change all subsequent blocks, functions,my may not be as good as typical databases

Question 28

Is blockchains public or private?

Answer 28

Can be both public or private Public blockchains are open to everyone (example Bitcoin) Private blocks is a permissioned network, deciding who is allowed to participating, to what extent, and what transactions will be allowed on the ledger

Question 29

What are the insurance uses for blockchain?

Answer 29

-Establishing customer identity- once customer identity is submitted to the blockchain it can be validated by comparing to a trusted databases -Underwritng and claims processes- used to centralize data about risks, helping insurer and underwriters with risk modelling risk assessment; claims process can be be transparent, faster, and requires no effort or involvement on the part of the insured to initiate the claim -Insurance fraud- identifying falsified injury or damage reports -Reinsurance-help speed placement and settlement -Micro insurance- help collect identity data about someone from smartphones along with things like a verifiable employment identity -Parametric Insurance- based in a risk event occurring or when certain index thresholds are exceeded -Real-Time Insurance- coverage that changes as real- time conditions change

Question 30

What are the physical risks with climate change?

Answer 30

Higher temperatures, more severe weather events, and an increase in natural catastrophes Every frequency and severity increases, the financial toll from damages impacts all Climate Proof of Canada and the Insurance Bureau of Canada are organizations that have pressured the Canadian government to support community resilience and establish public backstops for loss or damage caused by climate-related physical risks

Question 31

How does AI and Generative AI play into insurance?

Answer 31

Advanced Risk Assessment- can analyze vast datasets, incorporates real-time information, and consider complex variables that human analysts at overlook Streamlined claims process- faster, more efficient, and less susceptible to errors Enhanced fraud detection- can detect patterns and anomalies, helps in fraud prevention

Question 32

What coverage is provided for Cannabis risks?

Answer 32

Product recall insurance- indemnifies the insured for the cost of recalling products known or suspected to be defective Errors and Omissions (E&O) Insurance- protects the insured against liability for committing an error or omissions in the performance of professional duties Directors and Officers(D&O)- protection for officers and directors of a corporation against damages resulting from negligence or wrongful acts in the course of duties

Question 33

Explain Forever Chemicals

Answer 33

Per- and polyfluoralkyl substances are a class of 4,700 synthetic chemicals that have strong carbon-fluorine structures that ar dry chemically stable and do not degrade Became popular for their resistance to oil, water, and heat and they began to be used in manufacture coating for food packaging, cookware, adhesives, activewear, and firefighter foam

Question 34

What coverage is available PFAS (Forever Chemicals)?

Answer 34

Environmental impairment Lia usury insurance covers liability and sometimes cleanup costs associated with pollution