}

ATLANTA, April 15, 1997 /PRNewswire/ via Individual Inc. — A new program providing protection against many of the exposures of doing business over the Internet and Intranets was unveiled at the Risk and Insurance Management Society’s annual conference. The program combines an Internet security liability insurance policy with Web certification.

The insurance policy, named InsureSite (SM), is being underwritten by member companies of American International Group, Inc. (AIG) and is available through Atlanta-based insurance broker Hamilton Dorsey Alston Co. (HDA). Insureds whose Web sites are certified by the National Computer Security Association (NCSA) are eligible for premium discounts.

The InsureSite policy consists of three coverage parts. Under the Customer Funds Security Liability Coverage Part, the policy responds to a company’s third-party liability for loss of money or electronic funds arising out of its covered Web site. Another coverage part covers personal injury liability caused by electronic communication of information or a person’s unauthorized access to the Web site with limits up to $1 million. The policy also covers direct physical damage to or loss of computer equipment and declared electronic data and media as a result of vandalism, computer virus or other perils and provides reimbursement for the loss of net income, continuing operating expenses and extra expenses incurred while suspended operations are being restored.

“Existing insurance products were created prior to the widespread use of the Internet and Intranets. Unlike InsureSite, traditional general liability, property, crime and errors and omissions policies were not designed to respond to the liabilities associated with the use of the Internet and Intranets for electronic commerce and other business transactions,” said Steven H. Haase, senior vice president of HDA.

The NCSA’s Web Certification Program, which recently was expanded to Intranet sites, considerably reduces Web site risks and liabilities by providing, verifying and improving the use of best-in-class logical and physical baseline security standards. The annual certification process not only raises security awareness and typically exposes overlooked or neglected threats to an Internet or Intranet site, but also demonstrates management’s efforts to assure site availability, information protection and data integrity. By implementing methods, procedures and policies required to achieve certification, a site can enhance user trust and confidence while reducing the risk of downtime, intrusion, data loss and theft, tampering and other known security exposures.

Available through the NCSA and its network of authorized security consultants, the Web Certification Program comprises a detailed field guide, on-site evaluation, remote testing, random spot-checking and an evolving set of industry-endorsed best practices. Certification cost is based on a per Web server fee of $8,500 with discounts for multiple servers and sites.

“NCSA clearly provides the on-going, third party security verification needed to ensure adequate Internet and Intranet defense mechanisms,” said Dr. Peter Tippett, president and CEO of the NCSA. “AIG and HDA are significantly contributing to NCSA’s efforts to secure the Web infrastructure and encourage commerce on the Web.”

Located in Carlisle, PA, NCSA is an independent, privately held company that strives to continually improve commercial computer security through certification, sharing knowledge and disseminating information. The company’s services include training, testing, research, product certification, underground reconnaissance, a help desk and consulting. For more information on the NCSA and its Web Certification Program, call (800) 488-4595, send e-mail to webcert.com or visit the organization’s Web site at http://www.ncsa.com.

HDA offers a full range of risk management and brokerage services to private and publicly-held companies throughout the United States and abroad. With 100 employees, HDA is the largest insurance brokerage based in Atlanta. Among other areas of expertise, it has considerable experience with technology and telecommunications client. To contact Haase about InsureSite insurance protection, including the discounts based on NCSA certification, call (888) WEB-RISK or send him e-mail at SteveHaase@webriskins.com. Policy information and an application also can be found at http://www.webriskins.com.

SOURCE National Computer Security Association

/CONTACT: Ann Deering of ADVice, 212-661-5373 or adeering@shebute.com; Barbara Rose of NCSA, 717-241-3233 or brose@ncsa.com; or Steven Haase of HDA, 888-WEB-RISK or SteveHaase@webriskins.com/

[Copyright 1997, PR Newswire]