CyberCube/Advisen Team Up On Cyber Threats
“Cybercrime is the #1 crime globally in terms of risk-to-payoff ratio,” said Charlotte Anderson, cyber risk analyst at CyberCube Analytics, during a recent panel hosted by Advisen and CyberCube, highlighting the importance of cybersecurity awareness and competency for brokerages. Joining her in discussing how brokers (and the rest of the industry) can quantify cyber risk and assist their clients in hardening their electronic systems were Christopher Keegan, senior managing director of Executive Liability at Beecher Carlson, and Oren Schetrit, director of Product Management at CyberCube Analytics. We’ve distilled their conversation down into a few key points brokers should keep in mind when working with their clients to develop cyber risk programs.
While ransomware attacks may seem to be the most relevant for insurance companies and brokers, it is crucial to also keep in mind the wider threat surface many organizations have as a result of third-party services. Now that so many new devices, systems and infrastructures have internet connection capabilities or rely on the internet/cloud services to function, it’s more important than ever to be aware of vendors’ and cloud service providers’ security practices. After all, according to Aon’s 2019 Cyber Risk Report, 59% of companies in the U.K. and the U.S. said they experienced a data breach via a third party.
The table below summarizes some of the most important takeaways from the panel: the most common cyber threats for each industry and ways to address them.
| INDUSTRY | COMMON THREATS | ADDRESSING THREATS |
|---|---|---|
| Healthcare | Ransomware attacks, business interruption, data loss, regulatory fines | Employee training, email filtering, consistent system backups, antivirus/firewall, content scanning and filtering, up-to-date patches |
| Retail | PCI theft, payment system vulnerabilities, web app breaches | Vet vendors to ensure they employ robust security practices, validate payment software, use approved PIN entry devices |
| Tech | Supply chain attacks, nation-state espionage | Vulnerability management, vet vendors and third parties, ensure defenses are hardened, up-to-date patches |
| Education | DDOS attacks, phishing attacks | Employee training, email filtering, consistent system backups, antivirus/firewall, content scanning and filtering, up-to-date patches |
| Finance (including insurance) | Ransomware attacks | Employee training, email filtering, consistent system backups, up-to-date patches, encryption and virtual private networks (VPNs) |
| Service industry | Exposure to businesses through third-party services: phishing, account compromise, and credit theft | Employee training, vet vendors to ensure they employ robust security practices, up-to-date patches, antivirus/firewall, content scanning and filtering |
Oren Schetrit of CyberCube also explained how carriers and brokers should differ in their approach to cyber risk. Carriers, he said, should be concerned with frequency, “but brokers should be talking about severity, not frequency—especially in the context of cyber risk, which is a low-frequency, high-severity event.”
We see this in the outsized impact of the WannaCry and Petya attacks in 2017, as well as the Capital One, Marriott and Equifax breaches, among others. Contextualizing the severity of a possible claim, or a company’s financial exposure as a result of cyber risk, can help clients make better decisions about cyber insurance and also position the broker as the “trusted advisor” in this niche.
But how could a broker convey this information without introducing too much friction into the sales process? Schetrit proposed breaking an organization’s potential cyber threat into three different factors: the “likely offender,” the “suitable target,” and whether there is an “absence of a suitable guardian.” On top of that, he also suggested breaking down threats into a “few different categories,” like “asset exposure, liability exposure, threat exposure, security exposure,” which would “allow you to organize an efficient way to address your different vulnerabilities.”
“Not only is cyber risk complex,” said Christopher Keegan of Beecher Carlson. “[But] it changes all the time.” That’s why it’s critical for brokers to understand how to break down cyber risk and cyber threats in order to guide their clients, especially in today’s digital age.