The National Bank of Blacksburg v. Everest National Insurance Company
Stakeholder Press Conference Exercise
Purpose: This exercise is designed to give you practical experience in handling real-life threats for their organization. Through this exercise, you will better understand how the types of events described in class are applied, take a shot at forming policy solutions, and sharpen your communication skills.
Deliverables: Prepare a sample press packet. This press packet should include the following items:
Press Release (1 page)
Short technical background sheet (1-2 pages)
• This section should describe in more detail the technical issues of the problem at hand. It may also include pictures and diagrams.
Frequently Asked Questions (1 page)
• This section should anticipate questions other stakeholders or the media would ask in response to the problem and should provide your organization’s answers.
Read the material found via the links below. Additional research on stakeholder positions is strongly suggested as well. You may use any resource you deem necessary to prepare your statement, press kit, and for Q&A.
There are two important stakeholder roles in this cybersecurity crisis situation. You may choose to take on one of two different roles:
• National Bank of Blacksburg
• Everest National Insurance Company
Scenario: A cyber insurance policy, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is designed to help an organization mitigate risk exposure by offsetting costs involved with recovery after a cyber-related security breach or similar event.
Hackers stole over $2.4 million from the National Bank of Blacksburg in two separate cyber intrusions that were carried out using phishing email, in a span of eight-month period. The Virginia bank requested for a full recovery from its insurance provider, Everest National Insurance. Everest denied coverage under the Crime Rider. Everest accepted coverage under the Debit Card Rider but claimed that the first and second hack were a single event, and thus, total coverage was only $50,000.
June 28, 2018, the National Bank filed a lawsuit against the Everest National. According to the lawsuit the bank said that it had a policy with the insurance company which provided insurance to computers & electronic devices in the event of any cybercrime. The policy also covered insurance for the losses which were directly incurred by the stolen or altered debit card or counterfeit cards.
Your assignment is to explore this incident further, using your research to present it from the perspective of your stakeholder. Your goal is to publish a press release which explains the controversy and your organization’s future plans or suggested policy changes in response to it.
Sources and Additional Reading:
1. Hackers Stole $2.4M From Virginia Bank and Insurer Denies Coverage
2. Cybercriminals hacked the National Bank of Blacksburg twice in 8 months
3. Hackers Steal $2.4 Million From Bank, Lawsuit Filed Against Insure
4. Russian hackers blamed for $2.4 million cyber-heist at National Bank of Blacksburg
5. Avoiding The Most Common Cyber Insurance Claim Denials
6. Courts’ Approach To Cyber Insurance Continues to Evolve