Worth a read (and not just because they quote our estimate of premium volume). Great commentary by Dave Perera on Cyber in the political realm, including the administration’s encouragement of Cyber insurance.
The summary is here: Politico
Unfortunately the balance of the article is behind their paywall, but the summary is useful.
PLUS was kind enough to invite me to speak at this year’s Cyber Symposium, a not-to-be missed gathering of leaders in the Cyber insurance and risk community.
Unfortunately, I was unable to attend due to a scheduling conflict but PLUS asked me to pre-record a keynote address. Done in the form of an interview, it was presented during the opening breakfast and can be watched here: PLUS Cyber Symposium 2015 Betterley Keynote
My thanks to PLUS for allowing me to share some of my current thinking about product, market conditions, and what’s on the horizon for Cyber.
Today’s Wall Street Journal included an excellent piece by reporter Devlin Barrett on the vulnerability of corporate networks to cyber attacks. Commenting specifically on the FBI’s observations, he noted the deep concern and frustration over the inability of corporations to protect their data. Pointedly observing that ‘offense beats defense’ and ‘we are outgunned,’ the FBI says that the U.S. is losing the cyber war to the hackers.
Commenting on the FBI’s message, Devlin observed:
- Companies don’t do everything they can do, and when they suffer a breach, they call the FBI (which, by the way, currently has a caseload of 2,500 hacking investigations; I’m surprised it’s not more),
- Companies often aren’t even aware they have been hacked, and
- Corporate leadership is inadequately addressing security due to perceived cost and ease of use problems, and worse (my words) lack of comprehension
The FBI is promoting the idea that corporations need to depend less on their ability to prevent breaches and more on managing the breaches that they should assume are ongoing. I’m no technologist, but even I have been concerned for some time that the ability of organizations to defend themselves against hacker attacks is limited. It looks like the FBI is, too.
So, what are the implications for Cyber insurance? I have to wonder how carriers can stay ahead of this risk, when the FBI is telling us that the companies that are their insureds aren’t. Is it possible to price this exposure adequately?
Here’s the video from the Wall Street Journal Wednesday, March 28, 2012: