Cyber Liability Online Application

Personal Information

First Name(Required)

Last Name(Required)

Number of Owners(Required)

Name(s) of Company Owner(s), with % ownership(Required)

Description of Operations:(Required)

Formal Name of Business(Required)

Is your company a franchise?(Required)

If yes, provide full legal name of franchisor:

Business Type(Required)

Year Established(Required)

Street(Required)

City(Required)

State(Required)

ZIP / Postal Code(Required)

Primary Phone Number(Required)

E-Mail Address(Required)

Website Address:(Required)

RISK BACKGROUND

Has any entity proposed for insurance closed, sold, merged with or acquired any company in the past 12 months or anticipates doing so in the next 12 months?(Required)

Do you perform services in the State of New York?(Required)

If “Yes,” what percentage is performed in the five (5) boroughs and what percent in the rest of New York?

Please list all States in which you operate.(Required)

Estimated Annual Gross Revenue(Required)

Prior 12 months annual gross revenue(Required)

Number of full-time employees(Required)

Number of part-time employees(Required)

Number of temporary/ seasonal employees(Required)

Number of independent contractors (Required)

DATA AND RECORDS INFORMATION

Estimated number of individual client records whose information (credit card, soc sec #, etc.) is stored transmitted or collected by your company or any third party service provider on behalf of your client.(Required)

Estimated number of foreign individuals whose personal information is stored, transmitted, or collected.(Required)

Type(s) of personally identifiable information collected, transmitted, or stored'(Required)

Hold down the Ctrl Key to make multiple selections.

# of records collected or transmitted each year: Social security # or individual taxpayer identification #s(Required)

Maximum number of records stored at any one time: Social security # or individual taxpayer identification #s(Required)

# of records collected or transmitted each year: Financial account record (e.g. bank accounts)(Required)

Maximum number of records stored at any one time: Financial account record (e.g. bank accounts)(Required)

# of records collected or transmitted each year: Payment card data (e.g. credit or debit cards)(Required)

Maximum number of records stored at any one time: Payment card data (e.g. credit or debit cards)(Required)

# of records collected or transmitted each year: Driver’s license # passport # or other State or Federal ID#(Required)

Maximum number of records stored at any one time: Driver’s license # passport # or other State or Federal ID #(Required)

# of records collected or transmitted each year: Protected health information (e.g. medical records)(Required)

Maximum number of records stored at any one time: Protected health information (e.g. medical records)(Required)

# of records collected or transmitted each year: Username/email address, in combination with password or security question(Required)

Maximum number of records stored at any one time: Username/email address, in combination with password or security question(Required)

# of records collected or transmitted each year: Other – Please provide details

Additional Comments

Maximum number of records stored at any one time: Other – Please provide details

Additional Comments

CURRENT CYBER LIABILITY/DATA BREACH POLICY INFO

Do you currently have a cyber liability/data breach insurance policy?(Required)

Current Insurance Provider(Required)

Current Limits(Required)

Current Deductible(Required)

Current Premium(Required)

CLAIM ACTIVITY

In the last five years, has the applicant had a data breach resulting in the misappropriation or public disclosure of personal Information?(Required)

In the last five years, has the applicant had any claim, suit, inquiry, complaint, notice of charge, notice of hearing, regulatory action, governmental action or administrative action related to the coverage applied for?(Required)

WEBSITE MEDIA LIABILITY

Does the applicant have a website or utilize a social media platform?(Required)

If “Yes,” please answer the following regarding the content used online:

Does the applicant review material that is posted or utilized online?(Required)

Does the applicant obtain written releases from all images used(Required)

Does the website have a privacy policy?(Required)

Information/Network Security Risk Management

Select all the controls your company utilizies:(Required)

Hold down the Ctrl Key to make multiple selections.

Does the applicant proactively address system vulnerabilities, including regular updates to anti-virus/ malware protection and critical security patches?(Required)

Has the applicant had a vulnerability assessment, penetration test, or other network security assessment performed in the last 12 months?(Required)

Does the applicant have a data retention and destruction plan in place that includes both electronic and physical data? (Required)

Information/Network Security Policy

Does the applicant have a written physical and network security policy in place?(Required)

Do all employees receive training on the privacy policy at least annually?(Required)

Does the applicant have a designated individual responsible for the management of, and compliance with the applicant’s security policies?(Required)

If “Yes,” what is the name and title of this individual?

Breach Response/Disaster Recovery/Business Continuity Planning

Does the applicant have a written data breach response plan in place?(Required)

Does the applicant back up all valuable/sensitive data, including personal information* of others, on a daily basis?(Required)

If not daily, how often?(Required)

Does the applicant have a disaster recovery and business continuity plan in place that is designed to avoid business interruption due to IT systems failure?(Required)

If 'yes' Is this plan regularly tested and updated?

If 'yes', how many hours does it take the applicant to fully restore their systems?

Encryption

Does the applicant encrypt personal information in the following scenarios?(Required)

Hold down the Ctrl Key to make multiple selections.

Physical Security

Does the applicant have physical security in place to restrict access to computer systems or paper records that contain sensitive information?(Required)

Vendor Controls

Are business associate agreements in place for all third parties?(Required)

Has applicant confirmed payment processor and any third party assisting with payment cards is compliant with Payment Card Industry Data Security Standards? (PCIDSS)(Required)

Have you entered into a written contract or agreement with a service provider or utilize a third party that holds, transmits, or stores personal information* on your behalf?(Required)

If 'yes' provide the Service Provider Name, Services Provided, Type of Personal Information stored and # of records stored

Employee Controls

Does the applicant conduct background checks on all employees?(Required)

Does the applicant restrict employee access to Personally Identifiable Information on a business “need-to-know” basis?(Required)

Is remote access to the network permitted only if through Virtual Private Network (VPN) or equivalent system?(Required)

Does applicant terminate all associated computer access and user accounts as part of the regular exit process when an employee leaves the company?(Required)

Do you track and monitor all access to network resources?(Required)

Additional Comments

Cyber Liability Online Application

Personal Information

RISK BACKGROUND

DATA AND RECORDS INFORMATION

CURRENT CYBER LIABILITY/DATA BREACH POLICY INFO

CLAIM ACTIVITY

WEBSITE MEDIA LIABILITY

If “Yes,” please answer the following regarding the content used online:

Information/Network Security Risk Management

Information/Network Security Policy

Breach Response/Disaster Recovery/Business Continuity Planning

Encryption

Physical Security

Vendor Controls

Employee Controls

Get a Quote