Information Release

Contact: Hugh Strawn
hstrawn@plrb.org
630-724-2230

Date: October 29, 2015

Cybersecurity - "Everyone is Involved"

Daniel Sutherland, Keynote Speaker
PLRB Large Loss Conference
Washington, D. C.

Cyber threats are real and ongoing. Cyber attacks against both public and private sector databases occur hourly; in 2014, 97,000 incidents were reported to the federal government. Defending against those attacks is everyone's responsibility. Those were just the highlights of a dynamic keynote address by Daniel Sutherland, J.D., Associate General Counsel, U.S. Department of Homeland Security, at the General Session of the 2015 PLRB Large Loss Conference.

Claims involving cyber losses are increasing, both high-profile large losses such as the Target stores thefts, and smaller losses that never receive much, if any, public notice. At the beginning of his address, Sutherland asked the hundreds of attendees in the General Session how many had received some sort of notification that their personal information might be at risk from a hacking attack. A sea of hands shot up. His point? We are all at risk and all involved in defending against cyber attacks.

His address, "Getting Our Arms Around Cyber Security: Threats, Resources, and Trends," provided the big picture of the offensive plays used by the attackers and the defenses mounted by those being attacked. It opened the 2015 PLRB Large Loss Conference at the Marriott Wardman Park Hotel in Washington, D.C.

Who is Launching the Attacks?

Those on the offensive range from sophisticated foreign governments to organized crime, as well as "some 17 year old in the basement," said Sutherland. Their goals vary: snatching useful intelligence information, such as federal security files, to aid foreign governments; theft, such as thieves peddling Social Security numbers for $5.00 apiece; or the thrill a 17-year-old kid gets from breaking into a database. Those attacked include government agencies from the federal to the local level, as well as private sector businesses and individuals.

What Defenses are There Against Attacks?

Defense strategies have been mounted by the federal government, as well as by for-profit companies, noted Sutherland. Their common goal is to identify and repel attacks that use known strategies built on malicious code and signatures, such as everyday phishing emails. "The bad guys recycle the same tactics over and over," he said, "because they are effective."

The big challenge is defending against unknown code. A congressionally created organization, the National Cybersecurity & Communications Integration Center (NCCIC), is charged with protecting the nation's critical infrastructure from cyber threats. One of its goals is identifying unknown code, using reputational analytics to flag suspect IP addresses that could be cyber threats. Analysts piece together information on the Internet locations that users at these IP addresses have visited and then gradually develop a pattern to help design defenses to deflect their attacks.

The NCCIC then shares the trends it has identified with both public and private sector information technology departments. "Congress wants this information available to help protect the nation," noted Sutherland. Both the House of Representatives and the Senate have passed bills to provide liability protection for organizations that share cybersecurity information with the NCCIC. The bills will soon go through the reconciliation process before being sent to the President for signature.

Insurance Industry's Defense Role

One of the many private sector elements participating in the joint security efforts of the NCCIC is the insurance industry, which has been working closely with insurance company chief information officers. A repository of data on cyber events has been created and is growing daily. Its purpose is to provide data for actuarial decisions when cyber insurance policies are created and rates are established.

The Property & Liability Resource Bureau is a not-for-profit association of property and casualty insurance companies. It is located in Downers Grove, Illinois.