Agenda Item
ii. Renewal of the District’s Excess Cyber Risk Insurance Policy (Not to exceed $143,884)
Summary: Presented by: Byron Schueneman, Chief Financial Officer, Division of Finance
Request: It is requested that the Board of Education approve the renewal of the District’s Excess Cyber Risk Insurance Policy with Liberty Surplus Insurance Corporation (“Liberty”) for an annual premium cost not to exceed $143,884. This cost is an early indication of the renewal quotation as, although not anticipated, the final quotation from Liberty may exceed this figure.
Why: The DeKalb County School District (“District”) currently has an Excess Cyber Insurance Policy with Liberty. The coverage was purchased earlier this year in February. The short-term policy will expire on July 1, 2024. Therefore, the District must select an insurance carrier to renew this coverage for the fiscal year 2025.
After conducting research, the additional excess insurance coverage is recommended due to continuing attempts by hackers to infiltrate computer networks of state, county, and local governmental entities. Educational entities have also been targets for cyber-attacks. Since there is a high potential for loss in this area that could impact the District’s financial position, excess insurance coverage is recommended.
Details: This item requests that the Board of Education approve the renewal of the District’s Excess Cyber Liability Insurance Policy with Liberty. The Alliant Property Insurance Program (“APIP”), currently provides the underlying coverage for the District’s cyber liability. Liberty has insured the District’s Cyber Liability exposure since early 2024 when coverage was purchased to enhance the existing coverage provided as part of the District’s insurance through APIP.
Financial impact: This is a budgeted expense within the Risk Management budget. The cost code is 100.2600.552000.00011.7490.9990.8010.050.7498.
Contact: Mr. Bryon Schueneman, Chief Financial Officer, Division of Finance, 678.676.0270
Mr. Glinton R. Darien, Jr., Director of Risk Management, Division of Finance, 678.676.0403
Status: Approved by General Counsel
DEKALB COUNTY SCHOOL DISTRICT
Excess Cyber Risk Insurance Renewal
Indication
July 1, 2024 to July 1, 2025
May 9, 2024
Prepared by:
LaToya Cotton- Robinson, Account Executive
Brittany Palmquist, Account Manager
1
�ACCOUNT SERVICE TEAM
ACCOUNT EXECUTIVE, PRINCIPAL LATOYA COTTON- ROBINSON, CRM, CIC, CISR
DIRECT DIAL 678.205.5949
E-MAIL – LATOYA.COTTON@EPICBROKERS.COM
ACCOUNT MANAGER BRITTANY PALMQUIST, CISR
DIRECT DIAL 678.957.2526
E-MAIL – BRITTANY.PALMQUIST@EPICBROKERS.COM
VICE PRESIDENT, CLAIMS MANAGER CHANTELLE PATTERSON
DIRECT DIAL 678.475.5706
DIRECT FAX 678.475.3858
E-MAIL - CHANTELLE.PATTERSON@EPICBROKERS.COM
RISK CONTROL MICHAEL NISCHAN, CDS, CCSP
SERVICE REPRESENTATIVES DIRECT DIAL 678.475.5720
MOBILE 678.938.2012
DIRECT FAX 678.475.3852
E-MAIL – MICHAEL.NISCHAN@EPICBROKERS.COM
MIKE FOLMER
DIRECT DIAL 678.242.1377
MOBILE 678.215.8024
E-MAIL – MIKE.FOLMER@EPICBROKERS.COM
2
�EXECUTIVE SUMMARY
Edgewood Partners Insurance Center (EPIC) is pleased to represent DeKalb County School District (DCSD) in its risk management and
insurance programs. EPIC is committed to providing you with quality products and services that exceed your expectations.
Accordingly, our purpose is to assist every employee and to act on your behalf with others in protecting the human and physical
assets of DeKalb County School District and its ability to deliver education and other critical services. Like DeKalb County School
District, EPIC measures success by how well we meet the needs of our Clients. Therefore, your input is critical in shaping the quality
of services we bring to you.
Today, we are presenting DCSD with an early indication of the July 1, 2024 to July 1, 2025 Excess Cyber Liability Insurance Renewal
Pricing. We expect to receive the final quotation between the last week of May and the first week of June. Upon receipt we will
remit the proposal expeditiously.
The APIP program currently provides coverage for the District’s Cyber Liability (Underlying) coverage. Cyber insurance
continues to become more competitive, challenging incumbents and rewarding insureds that have increased their security
posture with multifactor authentication (MFA), endpoint detection and response (EDR), and segregated backups. With that
said, we have seen an increase in threat actors, particularly those that take advantage of business email compromise and
ransomware. We’ve also seen an increased number of attacks based on either a group trying to further their own social
agenda or a group trying to fight the agenda of a policy or group they don’t agree with.
Despite an overall decline in incidents, fraudulent instruction events are on the rise, according to the report. The data shows
fraudulent instruction as a cause of loss is up from 2021 in nearly every industry sector, except education. Meanwhile, system
infiltration as a cause of loss declined for all industries other than health care.
The next six to 12 months will be critical. We expect soft market conditions in the interim, but for classes such as Healthcare,
Education, Payment Processing, Casinos/Gaming and Public Entities, market conditions may deteriorate swiftly.
Despite the improvement in controls overall, threat actors are continuing to find more innovative techniques to get around
them. We approached some markets with the Cyber Liability application completed by the District. Due to the application
being incomplete as well as the need for additional information, they were unable to provide a quotation within the District’s
tight proposal need by date. With expected increases of 50% -100% for Cyber Liability, we do not deem separating all three
coverages in the marketplace i.e. Cyber Liability, Property, and Automobile Physical Damage will garner any premium savings
to the District.
Below is a synopsis of the marketing effort. Due to the current market conditions as well the competitiveness of the APIP
packaged policy, the results would not significantly differ.
Carrier Response
Liberty Surplus Insurance Corporation Quoted.
(Incumbent)
AXA/ XL Not Competitive. Would require at least a $750K SIR.
Zurich Declined. Not within their appetite
Resilience Declined. Requires fully completed Cyber application as well as
additional time to underwrite.
Travelers Declined. Not within their appetite.
Coalition Not Competitive. Would require at least a $500K SIR.
3
�EXECUTIVE SUMMARY
We look forward to presenting this Renewal Indication to you. Thank you for allowing EPIC Insurance Brokers & Consultants to
serve as an extension of your Risk Management Department. We appreciate your continued support. We’re confident that
this renewal will continue to provide you with excellent value, which we define as the combination of an extremely broad
coverage form, competitive rates and outstanding service.
Should you have questions or concerns, please feel free to contact us.
4
�EXCESS CYBER LIABILITY
COMPANY: Liberty Surplus Insurance Corporation POLICY TERM 07/01/2024 to 07/01/2025
POLICY #: TBD PREMIUM: $138,000 Pure Premium
$ 350 Wholesale Broker Fee
$5,534 Surplus Lines Tax (4%)
$143,884 Total Premium
Retroactive Date: Follows APIP Cyber Underlying Policy
Coverage Form: Follow Form- Claims Made & Reported
Coverage & Limits: $2,000,000 Each Member Aggregate
$2, 000,000 Policy Aggregate
Underlying Layer Insurer Limits Retention Policy Period
Insurance
Primary Beazley $2,000,000 Follows APIP Cyber 07/01/2024 to 07/01/2025
Sub- Limits (Per Member and Policy Aggregate Dedicated Limits In Excess of APIP Core
Breach Response/ Notification Expense Costs $500,000 (Non- Beazley Vendors)
$1,000,000 (Beazley Vendors)
Business Interruption resulting from a System Failure $500,000
Dependent Business Interruption resulting from a Security Breach $750,000
Cyber Extortion Loss $750,000
Data Recovery Loss $750,000
Business Interruption resulting from a Security Breach $750,000
Dependent Business Interruption resulting from a System Failure $100,000
Fraudulent Instruction $75,000
Funds Transfer Fraud $75,000
Telephone Fraud $75,000
Computer Hardware Replacement (Bricking) $200,000
5
�EXCESS CYBER LIABILITY
Sub- Limits (Per Member and Policy Aggregate Dedicated Limits In Excess of APIP Core
Invoice Manipulation $100,000
Reputation Loss $200,000
Claims Preparation Cots For Reputation Loss Claims Only NIL
Criminal Reward NIL
Cryptojacking NIL
Group 1 Sub-limits subject to Qualifiers:
• Breach Response Costs
• Business Interruption System Failure
• Business Interruption Security Breach
• DBI System Failure
• DBI Security Breach
• Cyber Extortion Loss
• Data Recovery Costs
• Computer Hardware Replacement
• Reputational Loss
-Group 1, As a condition precedent to the coverage specified in Group 1, the Insured must have satisfied the
following conditions prior to the occurrence of such incident. Claim or Loss:
a. Enforce Multifactor Authentication for all remote and privileged access
b. Close all RDP ports if not in use
c. If RDP ports are in use:
1. Restrict RDP access by IP addresses via firewall rules and only allow trusted IP addresses to access the port
2. Place all RDP services behind a VPN and protect them using Two- Factor Authentication
Group 2 Sub-limits subject to Qualifiers:
• Fraudulent Instruction
• Telephone Fraud
• Funds Transfer Fraud
• Invoice Manipulation
-Group 2, As a condition precedent to the coverage specified in Group 2, the Insured must have satisfied the
following conditions prior to the occurrence of such incident, Claim or Loss:
a. Provided formal training to employees with respect to computer crime and social engineering
b. Required multiple forms of verification for all fund transfers and all changes to client, vendor or supplier details
such as routing numbers, account numbers and phone numbers.
Endorsements & • Sanction Limitation and Exclusion Clause-1
Exclusions: • Warranty Endorsement
• Pending & Prior Litigation Endorsement
• Following Specified Sublimit- With Conditions
• Disclosure- Terrorism Risk Insurance Act
6
�EXCESS CYBER LIABILITY
NOTES • Quote terms, conditions, and premiums subject to change depending on
the APIP cyber program’s underlying aggregate program limit
• BI and DBI coverages subject to $750K aggregate sublimit, as per
underlying Beazley policy
7
�PREMIUM SUMMARY RECAP
Coverage Policy Period Premium
Excess Cyber Liability ($2M xs
07/01/2024 to 07/01/2025 $143,884
$2M)
Total $143,884
Companies/ A.M. Best’s Rating Payment Plan
Liberty Surplus Insurance Corporation/ A.M. Best Rated A (Excellent) Paid In Full Upon Binding
Financial Size Category: XV ($2 Billion Or Greater)
The cost reflected below is an early indication of the renewal quotation expected to be received June 1st . Should the final
quotation totals exceed that provided below, APIP is not bound by that which is reflected in this indication.
NOTES:
• This indication is based on the current loss experience, market conditions, increases in underwriting information and is
subject to change if this insured’s loss ratio deteriorates further and/ or if the markets suffer a catastrophic event.
• Coverage outlined in this Proposal is subject to the terms and conditions set forth in the policy.
• Please refer to the Policy for specific terms, conditions and exclusions.
• Change in total Insurable Values (TIV) will result in adjustment in premium.
8
�