Category Archives: Cyber Risk Insurance

Contingent Business Interruption and Cyber Events

Recently it was reported that conventioneers attending 2 different Boston conferences are believed to have suffered credit card thefts.  The convention center and various local establishments (hotels, restaurants, etc.) denied that they were the source.

But what got my attention was the comments from attendees that they might think twice about coming to Boston-based on these thefts.  Silly? Yes. It could (and does) happen anywhere.

And it reminded me – when it comes to cyber security, we are all part of one big community.  The losses of one can affect the businesses (and security and contentedness) of other members of their community.

How should (or can) cyber insurers help their insureds protect against the cyber losses of others in which the insured isn’t even involved?  This goes beyond ‘traditional’ contingent cyber interruption.

Your comments are welcomed.

Specialty Insurance Year End Wrap-up Webinar 12/12 at 11 AM by Advisen

Please forgive me for a bit of self-promotion, but this program should be really good; I already learned a lot from our panelists’ conference call.

On Thursday morning, December 12 at 11 AM (eastern time), I will be on a panel moderated by Advisen’s David Bradford to review the trends and developments of 2013 in Specialty Lines insurance. The panel of experts will also provide insight into 2014 & beyond. This free, one-hour webinar is sponsored by OneBeacon Professional Insurance; registration is here.

The panel includes:

  • Paul Romano, President, OneBeacon Professional Insurance
  • David Lewison, National Practice Leader, AmWINS
  • Rick Betterley, President, Betterley Risk Consultants
  • David Bradford, President, Research & Editorial division, Advisen (moderator)

The economy continued to improve in 2013, which generally benefitted the insurance market. For specialty insurers, however, the year posed a number of challenges. Healthcare reform continued to reshape the risk landscape of hospitals and other healthcare organizations. Lawyers continued to feel the fallout of the credit crisis and recession as claims activity remained above historical averages. Network security challenges further evolved in the endless cat-and-mouse game between cyber criminals and system security experts.

This webinar will review the trends and developments of 2013 in “Specialty Lines” insurance. Our panel of experts also will provide their insights into the factors that will influence the market in 2014 and beyond.

Hope you can join us!

PLUS Conference – Cyber 3.0 Follow Up Interview

At the risk of overdoing the ‘look at me, I spoke at PLUS’ image, here is a link to the PLUS blog follow-up interview, in which I capture the essentials of Cyber 3.0.

In all seriousness, this is important stuff – Boards of Directors, Washington, investors, and customers all want assurance that organizations are doing the right things to protect themselves.  I hope the interview helps them do so.

And – credit to our panel at PLUS, which provided depth and context to this idea. Thanks again, Lori, Kristen, Jeremy, and Jeff, as well as to PLUS for its support for this superb conference.

The Victorian Con Artist’s Approach to Spam (obviously pre-email)

I generally don’t like posting a link to another well-known publication, but this article in The Atlantic about spam and con artists in the days before email is a good reminder of the ‘wishful thinking’ problem in network security.

Although why they also picked on DEC is beyond me.

Here is the link.

I’ll Be Moderating the Cyber 3.0 Panel at PLUS Next Week

Wednesday morning 8:30 – 9:45 I will be moderating Cyber Liability 3.0: Cutting Edge Advancements in Coverage and Services.  In addition to my introductory remarks covering the concept and progress to date, my panelists will be offering their insight into the concepts involved, including the avoidance and control of potential breaches and other forms of loss.

Our panelists are:

  • Lori Bailey – Zurich’s Global Head of Professional Liability
  • Kristen Dauphinais – Underwriter at Beazley
  • Jeremy Henley – ID Experts’ Insurance Solutions Executive
  • Jeff Stull – Risk Analytics’ Founder and Chairman

Here are some of those topics:

  • Is the Highly Protected Risk Model Useful for Cyber Insurance?
  • Can HPR approaches be effective in Cyber?
  • Are the costs justified by reduced losses?
  • Do they improve customer retention?
  • The Latest in Data Theft – How the Black Hats are Stealing Your Insured’s Data
  • Why Firewalls Fail
  • The role of governmental actors
  • Are there so many breaches that it just doesn’t matter anymore? 
  • Helping Insureds Help Themselves
  • The latest in coverage design
  • International policy differences
  • Is Active Defense Successful – and is it practical?
  • Difference between “offense” and “proactive defense”
  • Are live privacy expert services effective in reducing exposures?
  • The Small- and Mid-sized Market
  • Is a live privacy expert viable in the SME market?

If you are attending the program, please come up afterwards and say ‘hi’?  I’ll be zooming off for a video interview right after the program but should be able to linger for a few minutes.

Cyber 3.0 – I’ll Be Presenting at Law Seminar’s International Webinar for Attorneys this Friday

Law Seminars International’s webinar on Cyber insurance for attorneys is Friday 10/23 at 1 PM EDT.  I’ll be speaking on Cyber 3.0 coverage approaches, value-added risk management services, and tips on finding the right product.  My focus will be on law firms as insureds and as advisors to their clients.

Here’s the link (it’s not free, but for $195 you get Roberta Anderson, Partner at K&L Gates, Lon Berk, Partner at Hunton & Williams, and me): Law Seminars International: Insurance Coverage for Cyber Breaches

Market Size and Pricing – U.S. Cyber Insurance (Wall Street Journal)

Here is a link to the Wall Street Journal’s thoughts on the U.S. Cyber insurance market, including size, pricing, and growth (authored by Greg Millman, who writes about compliance in the WSJ’s Risk and Compliance Journal).

Cyber Insurance observations from RBC Capital Markets

Today’s Insurance Observations, the always-worthwhile read about the insurance business from the investor’s standpoint, includes extensive commentary on the Cyber insurance market.  Some of it is based upon The Betterley Report June issue (Cyber/Privacy Market Survey 2013) but there is much additional insight.  The investor perspective is especially useful (as is the follow-on bit about Sasquatch aka Big Foot insurance).

Well worth the read.  It is the August 19, 2013 issue.  Please let me know if you would like me to forward a PDF of the issue (which is RBC’s preference).

Experian White Paper on Cyber 3.0

I am proud to have been asked by Experian to author a white paper on the future of Cyber insurance.  The paper was published this week and is entitled Cyber Insurance 3.0: Risks, Rewards and Future Outlook.  You can obtain a copy at their site by clicking here (you will need to register to download the file but its easy).

In the paper I expand my thinking on the parallels between Highly Protected Risk insurance and the ways in which Cyber insurance can help organizations achieve better security through improved prevention tools and response services.  The rapid growth in Cyber insurance purchases doesn’t mean organizations can now sit back and ignore security – the paper makes the case that prevention is still critical.

The topic is a passion of mine and I appreciate Experian providing me with an opportunity to further explore it.

Reinsurer Interest in Cyber Products

100 members of the Reinsurance Association of America were in the audience in New York City for the RAA’s Current Issues: Cyber Liability program May 21st.  I think the heavy attendance was indicative of a growing interest in the product by reinsurers, especially since this was a members-only event.

I was joined in the opening session on The Cyber-Liability Landscape by Stephen Serfass, partner with Drinker Biddle.  My comments were focused on the evolving product, what I worry about, and product opportunities.  Steve spoke about the risk landscape.

Other speakers were Mike Brown of Guy Carpenter on reinsurer involvement, Beth Diamond of Beazley on breach and claims activity, and Larry Greengrass of Mound Cotton on claims and traditional policies.

The afternoon session provided insight into state and federal legislation, and was addressed by Robert Gordon of PCIAA and Steve Serfass.

I think the heavy attendance and the level of knowledge and interest expressed by the audience speaks volumes about the growth in importance of this fascinating product.

AM Best interviewed the speakers after their sessions; the videos are  here and were conducted by Meg Green.  Apologies for the very brief ad that precedes the interview.