This session at the 2015 California Workers’ Compensation & Risk Conference illustrated the latest trends related to cyber security and the new insurance products that are being developed in response to them.
- Scott Ritto, Senior Director, Risk Management at Kilroy Realty Corporation
- Jeff Phillips, Managing Director at PwC
- James Patterson, Cyber Specialist/Western Region, Executive Liability at AIG
- Tina Tabb, Senior Vice President at Marsh FINPRO
The cyber challenge now extends beyond enterprise. Technology-led innovation has allowed business models to evolve, creating a dynamic environment that is increasingly interconnected, integrated and interdependent. Cybersecurity encompasses information technology, operational technology and consumer technology. This is increasing opportunity for risk.
According to a survey conducted by PwC:
- 61% of CEOs name cyber security as their fasted-growing concern
- 70% of organizations expressed concern about their inability to protect intellectual property.
- 53% of CEOs consider cyber security as strategically important to their organization.
- However, from 2013 to 2014, organizations have decreased investment in cyber security by 4%.
Businesses need to adapt to the new reality. It is no longer feasible to protect your “four walls”. Today’s breeches are organized, funded and targeted, and motivated by economic, monetary and political gain.
It’s expected that there will be over $4 billion spent on cyber crime this year. People are beginning to look at it very differently. Because of this, it is anticipated that the cyber insurance market will grow significantly. Early adopters have been in the e-commerce area. Now, organizations with any type of operational technology are considering the cost of network interruption and looking seriously at cyber insurance.
Primarily two different approaches are now offered in cyber insurance:
- The One-Stop Shop – Insured looks to the insurance company to provide all experts needed.
- Traditional Approach – Insured wants to be responsible for contacting legal, forensics, etc., and the insurance company will reimburse.
Additional coverage may include:
- First-party cost coverage
- Fines and penalties coverage
- Business interruption coverage
Overall, the best way to manage cyber risk is to prevent a breach from ever happening. Risk control products are rapidly being developed to help insureds avoid a data breach altogether.