V2018.11 Cyberedge® Outsourced Service Provider Supplemental

CyberEdge® Outsourced Service Provider Supplemental Checklist Questionnaire

This Supplemental Questionnaire is used if the Applicant is seeking increased coverage for business interruptions caused by covered events involving the computer systems of Outsource Service Providers under the Network Interruption Coverage Section. Please see policy wording for definition of Outsourced Service Provider, as well as any other terms, conditions, exclusions, or limitations, including exclusions or sub-limits for specific types of service providers. As used herein, “Applicant” includes the Company applying for CyberEdge® coverage and its subsidiaries.

Full Name of Applicant: ______

This Supplemental Questionnaire has three sections that are requested to be completed and note the below instructions for completing each section:

- Section 1 – Applicant to check the box next to each service provider that the Applicant uses under each service category.

- Section 2 – Applicant to write-in which IT Service Providers they consider to be the top 10 most impactful to their business. IT Service Provider means an entity that provides information technology services to the Applicant pursuant to a contract, including those entities that provide “cloud computing” or other hosted computer resources.

- Section 3 – Applicant to write-in which non-IT Service Providers they consider to be the top 20 most impactful to their business. Non-IT Service Provider means an entity, that is not an IT Service Provider, that provides products or services to the Applicant pursuant to a contract.

In determining which providers are the most impactful under Section 2 and 3, the Applicant’s primary considerations should be the likelihood and severity of the harm to the Applicant should the provider be unable to provide the products and services for which the Applicant contracted.

V2018.11

Section 1 Instructions: Check the box next to each service provider that the Applicant uses under each service category. (Check all that apply)

Cyren Corporation CloudFlare Dell Technologies Hosting Services ☐ ☐ ☐ Endurance Int’t Technologies Corporation Service Company F5 Networks ☐ ☐ ☐ ☐ Akamai Technologies GoDaddy DNS Made Easy Fortinet, Inc ☐ ☐ ☐ Amazon AWS Google Dyn Hewlett Packard Enterprise ☐ ☐ ☐ ☐ AT&T MailChannels easyDNS Technologies (Aruba AirWave) ☐ ☐ ☐ CenturyLink Marketo, Inc Endurance Int t Technologies Infoblox ☐ ☐ ☐ ’ ☐ CloudFlare McAfee, Inc GoDaddy IBM ☐ ☐ ☐ ☐ DigitalOcean Microsoft Microsoft ☐ Juniper ☐ ☐ ☐ Endurance Int’l Technologies Mimecast Namecheap Inc Level 3 ☐ ☐ ☐ ☐ F5 Networks Proofpoint Neustar Group Micro Focus International ☐ ☐ ☐ ☐ GoDaddy Rackspace (Mailgun) OVH SAS Red Hat ☐ ☐ ☐ ☐ Google Return Path, Inc Rackspace Riverbed Technology ☐ ☐ ☐ ☐ IBM Salesforce.com Sedo SolarWinds Inc ☐ ☐ ☐ ☐ Microsoft SendGrid, Inc Tucows (OpenSRS, Enom) SonicWALL ☐ ☐ ☐ ☐ OVH SAS Symantec United Internet (Arsy) Zabbix LLC ☐ ☐ ☐ ☐ Rackspace The Rocket Science Group Web.com ☐ ☐ ☐ SoftLayer Technologies (MailChimp/Mandrill) Wix.com Ltd ☐ ☐ Tucows United Internet Content Delivery Network ☐ ☐ United Internet AG Web.com Services (CDN) ☐ ☐ UnitedLayer Zendesk Akamai Technologies ☐ ☐ Network Management ☐ Verizon Communications Amazon AWS ☐ Services ☐ Web.com Inc Automattic Group ☐ Arista Networks ☐ ☐ ☐ Brightcove Inc. Domain Name Services Blue Coat Systems ☐ ☐ CloudFlare (DNS) BMC Software E-mail & Related Services ☐ Cloudinary Ltd. Akamai Technologies Brocade Communication ☐ ☐ ☐ Amazon AWS SES Amazon AWS Facebook ☐ ☐ CA Technologies ☐ AppRiver, LLC ☐ Fastly Inc. ☐ AT&T Cisco ☐ ☐ ☐ GoDaddy Barracuda Networks Clarivate Analytics Citrix ☐ ☐ ☐ ☐

V2018.11

Google SAP Oracle Wirecard AG ☐ ☐ ☐ ☐ ☐ IAC/InterActiveCorp SugarCRM PeopleAdmin ☐ ☐ Imperva Veeva Systems PeopleFluent ☐ ☐ ☐ Limelight Networks Zoho Corporation SAP Security Services ☐ ☐ ☐ Microsoft Ultimate Software Group Akamai Technologies ☐ ☐ ☐ Progress Software WorkDay Cisco ☐ ☐ ☐ Rackspace Financial Systems Services Xactly Corporation CloudFlare ☐ ☐ ☐ Stack Exchange FIS Global Comodo Group ☐ ☐ ☐ StackPath (MaxCDN) Fiserv cPanel Inc ☐ ☐ ☐ TripAdvisor NCR E-Commerce & Payment DigiCert ☐ ☐ ☐ Twitter NetSuite Services Gandi SAS ☐ ☐ ☐ Verizon (inc Yahoo) Oracle Adyen B.V GMO GlobalSign ☐ ☐ ☐ ☐ QuickBooks Amazon AWS GoDaddy ☐ ☐ ☐ Sage Intact Apple HugeDomains.com ☐ ☐ ☐ Relationship Management SAP (inc. Ariba & Concur) BlueSnap IBM ☐ ☐ ☐ Services SS&C Technologies CCBill Let s Encrypt ☐ ☐ ☐ ’ Aptean Discover Financial McAfee (inc. Skyhigh ☐ ☐ ☐ Astute EverCommerce Security) ☐ ☐ Campus Management HR Management Services Ingenico Microsoft ☐ ☐ ☐ Deltek ADP Intercontinental Exchange Okta ☐ ☐ ☐ ☐ eGain Avature Recruiting Klarna AB OVH SAS ☐ ☐ ☐ ☐ Gainsight Careerify Maestro Technologies Parallets ☐ ☐ ☐ ☐ Google Ceridian Magento Dell (inc. SecureWorks) ☐ ☐ ☐ ☐ Infor Charterhouse Capital NCR Corporation Starfield Technologies ☐ ☐ ☐ ☐ Ivanti Group Cornerstone PayPal Symantec ☐ ☐ ☐ ☐ Medallia Inc Halogen Software Recurly Tenable Network ☐ ☐ ☐ ☐ Microsoft iCIMS Square TrustWave Holdings ☐ ☐ ☐ ☐ NetSuite Stripe Web.com, Inc ☐ Infor ☐ ☐ ☐ Oracle IBM Vanco Payment Solutions ☐ ☐ ☐ Pegasystems Jobvite Vantiv ☐ ☐ ☐ Sage Group Kronos VeriFone Systems ☐ ☐ ☐ Salesforce.com NICE Systems Visa ☐ ☐ ☐

V2018.11

Oracle GE Industrial/Construction ☐ ☐ Monitoring & Control of Kiewit Corporation Honeywell Services ☐ ☐ Specialty Equipment PlanGrid Metso Aconex Limited ☐ ☐ Services ☐ Procore Technologies Mitsubishi Electric Autodesk ☐ ☐ E.on ☐ RIB Software Rockwell Automation ☐ Bentley Systems ☐ ☐ GE ☐ Sage Group Rolls Royce ☐ Computer Methods Int’t ☐ ☐ Itron ☐ Viewpoint Schneider ☐ (CMiC) ☐ ☐ Landis+Gear Siemens ☐ Foundation Software ☐ Mita-teknik ☐ Toshiba ☐ Heavy Construction System ☐ Rolls Royce ☐ Industrial Control Providers Yokogawa ☐ Specialists ☐ Sensus Infor ABB ☐ ☐ ☐ Siemens Microsoft Bosch ☐ ☐ ☐ Vestas Nemetschek AG Emerson ☐ ☐ ☐

Section 2 Instructions: Applicant to write-in which IT Service Providers they consider to be the top 10 most impactful to their business. IT Service Provider means an entity that provides information technology services to the Applicant pursuant to a contract, including those entities that provide “cloud computing” or other hosted computer resources.

1) 6) 2) 7) 3) 8) 4) 9) 5) 10)

V2018.11

Section 3 Instructions: Applicant to write-in which non-IT Service Providers they consider to be the top 20 most impactful to their business. Non-IT Service Provider means an entity, that is not an IT Service Provider, that provides products or services to the Applicant pursuant to a contract.

1) 11) 2) 12) 3) 13) 4) 14) 5) 15) 6) 16) 7) 17) 8) 18) 9) 19) 10) 20)

THIS SUPPLEMENTAL QUESTIONNAIRE IS INCORPORATED INTO AND MADE PART OF ANY APPLICATION FOR CYBEREDGE COVERAGE℠ SUBMITTED BY THE APPLICANT (THE “CYBEREDGE APPLICATION”). ALL REPRESENTATIONS AND WARRANTIES MADE BY APPLICANT IN CONNECTION WITH SUCH CYBEREDGE APPLICATION ALSO APPLY TO THE INFORMATION PROVIDED IN THIS SUPPLEMENTAL QUESTIONNAIRE.

SHOULD INSURER ISSUE A POLICY, APPLICANT AGREES THAT SUCH POLICY IS ISSUED IN RELIANCE UPON THE TRUTH OF THE STATEMENTS AND REPRESENTATIONS IN THIS SUPPLEMENTAL QUESTIONNAIRE OR INCORPORATED BY REFERENCE HEREIN. ANY MISREPRESENTATION, OMISSION, CONCEALMENT OR INCORRECT STATEMENT OF A MATERIAL FACT, IN THIS SUPPLEMENTAL QUESTIONNAIRE, INCORPORATED BY REFERENCE OR OTHERWISE, SHALL BE GROUNDS FOR THE RESCISSION OF ANY POLICY ISSUED.

Signed: ______(Duly authorized representative, by and on behalf of the Applicant)

Date: ______

Title: ______Organization: ______

(Must be signed by an authorized officer) (Organization’s seal)

V2018.11