Jake Kouns is the CISO for Risk Based Security that provides vulnerabilities and data breach intelligence. He previously oversaw the operations of the Open Sourced Vulnerability Database (OSVDB.org) and DataLossDB. Mr. Kouns has presented at many well-known security conferences including RSA, Black Hat, DEF CON, DerbyCon, CISO Executive Summit, EntNet IEEE GlobeCom, FIRST, CanSecWest, InfoSecWorld, SOURCE and SyScan; and cyber liability forums such as AAMGA events, ACI’s Cyber and Data Risk Insurance, NetDiligence’s Cyber Risk & Privacy Liability Forum and PLUS. Jake has briefed the DHS and Pentagon on Cyber Liability Insurance issues and is frequently interviewed as an expert in the security industry by Information Week, eWeek, Processor.com, Federal Computer Week, Government Computer News and SC Magazine. He has appeared on CNN as well as the Brian Lehrer Show and was featured on the cover of SCMagazine. Jake is the co-author of the book Information Technology Risk Management in Enterprise Environments, Wiley, 2010 and The Chief Information Security Officer, IT Governance, 2011. He holds both a Bachelor of Business Administration and a Master of Business Administration with a concentration in Information Security from James Madison University. In addition, he holds a number of certifications including ISC2's CISSP, and ISACA's CISM, CISA and CGEIT. Many people believe that there are only two types of companies: those that have been hacked, and those that will be. It doesn’t matter what industry or the size of an organization, as no company seemed to be immune to data breaches. More businesses are coming to this conclusion every day and have started to purchase Cyber Liability Insurance in case of a data breach. This session will provide information on the current data breach landscape and then a behind the scenes look into Cyber Liability insurance and discuss how this coverage is being integrated into a risk management plan. Information Security professionals and responders are in many cases unaware of how the insurance process works when there is a data breach and do not understand the requirements that can affect the incident response process. With the rise of Cyber Insurance, incident responders need to understand how this impacts them and their processes. Real data breach examples will be dissected and then mapped to insurance coverage to outline the response and claims process.