Insuring Cyber Podcast - Insurance Journal
Insurance Journal
All episodes
Best episodes
Top 10 Insuring Cyber Podcast - Insurance Journal Episodes
Goodpods has curated a list of the 10 best Insuring Cyber Podcast - Insurance Journal episodes, ranked by the number of listens and likes each episode have garnered from our listeners. If you are listening to Insuring Cyber Podcast - Insurance Journal for the first time, there's no better place to start than with one of these standout episodes. If you are a fan of the show, vote for your favorite Insuring Cyber Podcast - Insurance Journal episode by adding your comments to the episode page.
EP. 5: Expecting the Unexpected: Cyber Lessons from 2020
Insuring Cyber Podcast - Insurance Journal
01/13/21 • 20 min
What is the biggest lesson that cyber insurers should carry into 2021 after a year in which the COVID-19 pandemic took center stage?
In the first Insuring Cyber podcast episode of the new year, Tim Zeilman, vice president and global cyber product owner at Hartford Steam Boiler (HSB), discusses how lessons learned from the coronavirus pandemic and from recent significant cyber attacks are more related than insurers may think.
“I think the lesson is pay attention and learn the lessons of the close calls,” he says. “So when you think about the COVID-19 pandemic that we’re in the midst of right now, it’s not the first one. We had inklings that things like this might happen.”
Indeed, over the last decade, disease outbreaks such as Ebola and H5N1, or the avian flu, hit the news, although these outbreaks never amounted to the same global scale as the COVID-19 pandemic, he explains.
“I think you can make an analogy to cyber attacks,” he says. “We haven’t seen the big one yet. We haven’t seen the massive cyber hurricane that everybody worries about and models, but we have seen some smaller events. In particular in 2017, we saw NotPetya and WannaCry.”
He says the message to be taken away from this pandemic as well as the cyber attacks seen in the past few years is don’t ignore the near misses.
“Don’t expect that the future is going to look like that – that we’re always going to have these small, somewhat contained events that might be big but are not the massive big one,” he says. “I think that the bottom line there is really to keep your focus in cyber insurance on accumulation, to plan for that big one that might look like a WannaCry or a NotPetya event but on a much larger scale and much greater impact, and plan for what that would mean to your cyber insurance business.”
Also in this episode, Lauren Winchester, vice president of Smart Breach Response at Corvus – a provider of artificial intelligence driven commercial insurance products – takes a look back at some of the big trends in cyber insurance in 2020 and discusses what cyber insurers should be paying attention to in the new year.
“I think visibility into vulnerabilities is going to be really key – how cyber insurers manage to partner with other vendors or build in-house capabilities in order to get a better sense of their risk pool and the vulnerabilities among their policy holders,” Winchester says.
She adds that going forward into 2021, it will be important for cyber insurers and their clients to establish a greater partnership in order to better understand how they can work together.
“I think insurance buyers in working with their brokers should really be considering what else their cyber insurance company can be doing for them,” she says. “It’s really so much more than just risk transfer at this point, and they should and can ask more of their cyber insurer.”
Thanks for listening and be sure to check back for new episodes every other Wednesday published together with Insurance Journal’s Insuring Cyber newsletter.
The post EP. 5: Expecting the Unexpected: Cyber Lessons from 2020 appeared first on Insurance Journal TV.
EP. 4: What Cyber Insurers Should Know About the Federal Ransomware Advisories
Insuring Cyber Podcast - Insurance Journal
12/16/20 • 35 min
As the COVID-19 pandemic and the switch to remote work have highlighted cyber risks and drawn attention to the various methods cyber attackers are using, ransomware has continued to steal the spotlight.
Ransomware is a type of malicious software that is designed to block access to a computer system until a ransom is paid, and these attacks have increased in severity and frequency in the past year alone.
Just this October, the U.S. Treasury Department issued a warning that individuals or businesses, including cyber insurers, that help facilitate ransomware payments could be violating anti-money laundering and sanctions regulations.
The warnings came in a pair of advisories, one from the Financial Crimes Enforcement Network (finCEN) and the other from the Office of Foreign Assets Control (OFAC). The advisories came as the FBI and Homeland Security officials also warned in October that Eastern European criminals are increasingly targeting U.S. hospitals with ransomware and urged healthcare facilities to beef up their preparations.
“[The advisories] are going to create potential exposures and potential costs that arguably were not there before,” said Josh Mooney, chief privacy officer at Philadelphia-headquartered law firm White and Williams LLP, in this episode of the Insuring Cyber Podcast. “Cyber carriers are now going to have to take a look at what are some additional liabilities out there? And are they going to run afoul with U.S. law if they honor the obligations they have under their policies to help pay for a ransom caused by a ransomware attack?”
In particular, he added that these advisories will almost certainly add an additional layer of cost and potential liability with carriers in forensic firms – a layer that only adds to the already increased proliferation and sophistication of these attacks.
“Ransomware attacks that we’re dealing with today are very different than the ransomware attacks that we addressed and saw even as recent as 12, 14 months ago,” he said. “Before, again, as recent as a year, year and a half ago, the typical ransomware demand would be maybe in the five or six figures. Now, many of them start in seven or even eight figures.”
Ransomware has become so common that it’s actually turned into somewhat of a business model, according to Michael Carr, head of underwriting at insurance provider Coalition. He explains in this Insuring Cyber Podcast episode that there are groups – sometimes referred to as Ransomware as a Service, or RaaS – that establish footholds on companies’ networks and periodically sell that access to other groups who will drop malicious software on those networks and seek a ransom.
“So it is a situation where there’s the potential that you can be a victim more than once if you don’t properly recover from the first attack,” Carr said.
With this in mind, Carr urged victims of ransomware attacks to act quickly and work with their cyber insurers to respond.
“This is a situation where the first thing I would say is for Ghostbusters fans, who are you going to call if the incident occurs?” he said. “So is your cyber insurer going to have somebody on the other end of the phone line who can actually quickly engage all of the right resources, legal forensics, etc., to respond to the attack? Because generally speaking, the longer it takes to respond, the more expensive these things can become.”
Check out this latest episode of the Insuring Cyber Podcast to see what else Michael and Josh had to say and be sure to tune in every other Wednesday for new episodes published along with the Insuring Cyber newsletter.
The post EP. 4: What Cyber Insurers Should Know About the Federal Ransomware Advisories appeared first on Insurance Journal TV.
EP. 1: Insurance’s Digital Transformation in the COVID-19 Era
Insuring Cyber Podcast - Insurance Journal
10/28/20 • 22 min
“Insurance is a technology industry now.”
That’s according to Todd Lukens, chief information security officer at Nationwide.
“You think about the entire workflow of how insurance works, everything from creating a quote to binding to utilizing artificial intelligence and machine learning and our claims processes and our fraud processes, it’s a technology industry,” he adds.
In the first episode of Insurance Journal’s bi-monthly Insuring Cyber Podcast, Lukens speaks with host Elizabeth Blosfield about what Nationwide is learning from its transition to a hybrid operating model with 98% of its workforce being remote – a move the company announced in April as the coronavirus pandemic was ramping up.
Also in this episode, Pete Arterburn, digital transformation lead at Aon Affinity, discusses how the insurance industry is being pushed to embrace tech with COVID-19 at its heels. He explains what this means for a relationship-driven industry in terms of connecting with its customer base and attracting top talent.
“I think ultimately we’re going to start to see tectonic shift,” he says. “You’re going to start to see a number of agencies maximize that technology capability to really move to that virtual environment...I really do think that will continue to be the new norm.”
Thanks for listening. Check back twice a month for new episodes of the Insuring Cyber Podcast every other Wednesday.
The post EP. 1: Insurance’s Digital Transformation in the COVID-19 Era appeared first on Insurance Journal TV.
EP. 79: The Art of Managing Cyber Risk for Museums
Insuring Cyber Podcast - Insurance Journal
02/14/24 • 39 min
As museums and cultural institutions are increasingly relying on technology to display digital works and manage internal systems and documents, they could be opening themselves up to growing cyber risks. John Farley, managing director of the cyber practice at Gallagher, Anthony Dolce, head of professional liability and cyber at The Hartford, and Joshua Morin, director of IT and application services at The American Alliance of Museums, spoke on this episode of The Insuring Cyber Podcast about the biggest risks facing museums and how cyber insurance can provide needed resources.
The post EP. 79: The Art of Managing Cyber Risk for Museums appeared first on Insurance Journal TV.
EP. 37: Riding the Wave of InsurTech 3.0: What It Takes to Not Just Survive, But Thrive
Insuring Cyber Podcast - Insurance Journal
05/11/22 • 27 min
As the InsurTech industry approaches the next wave of innovation, experts say this could mean navigating rough waters.
“I believe what you’re going to see is that you’re going to have Insurtechs, the cream of the crop, are going to survive and thrive, and a lot of them are going to have to deliver on the promises they made to their investors and to their partners,” Upasana Unni, chief commercial officer at Sayata, said in this episode of The Insuring Cyber Podcast. “It’s going to be a little bit rough seas, I think, out there in the next quarter to three quarters.”
Unni said that she believes the next phase of InsurTech – InsurTech 3.0 – will be largely focused on the ways InsurTechs and insurance carriers can serve each other, and this could result in a more active acquisition landscape as the industry faces consolidation.
“They’re not trying to disrupt, they’re trying to support or improve, basically helping insurance companies evolve,” she said. “And then a few players, I think, will have business models that actually prove out to be truly profitable at scale.”
Jeff Radke, CEO and co-founder of Accelerant, added earlier in the episode that while InsurTech 1.0 focused on the consumer insurance space, the next phase – InsurTech 2.0 – moved toward business-to-business and commercial products.
“3.0, at least as I’ve heard it described and the way we tend to think about it at Accelerant, is a little more broad in that, I think, it’s focused very much on accessing high quality data and making it available across all the players,” he said. “I guess the fancy word for that would be transparency.”
Unni said that the challenge in navigating a wealth of data is analyzing which data points to actually utilize.
“Even though there is a wealth of information ... which data points actually make sense to include, which data points do you train your model on?” she said.
Radke said that as InsurTech works to navigate some of these new challenges, it’s important to remember that it’s a fairly new space with plenty of risk as well as opportunity.
“I don’t think it’s even close to maturing,” he said. “While it’s been around since 2010 in one form or another, or at least talked about since then, I would say ... we have a long way to go. I view that as a really exciting thing. That’s good news to me.”
He said this means there are plenty of “green fields of opportunity” in InsurTech to help modernize traditional insurance company functions and capture, catalog, manage and understand the quality and the province of the data that’s available.
“Making that available throughout the value chain is really becoming a powerful force, at least in our corner of the market. It’s drawing in much more demand for insurance policies. At the same time, it’s drawing in significantly increased capital supply to back those insurance policies,” he said. “The operations of the typical insurance company, I think, might have more upside from modernization than perhaps distribution, but I’m not sure how much we’ve even begun to scrape those opportunities.”
Unni added that although InsurTech is still a fairly new space, it has seen a shift in thinking among traditional insurers from being a disruptor to a welcome addition to the industry in many cases.
“I think 10 years ago, you would’ve had a lot of insurance executives dismissing the new kids on the block, which is how they thought of a lot of InsurTechs,” she said. “And now, frankly, half of the introductions I get to InsurTechs come from traditional carriers, or executives I know there, introducing me to an InsurTech partner that they’d love for me to meet. It’s a huge turnaround from dismissing them as a fad even a couple of years ago.”
Check out this episode of The Insuring Cyber Podcast to find out what else Jeff and Upasana had to say, and be sure to check back for new episodes publishing every other Wednesday along with the Insuring Cyber newsletter. Thanks for listening.
The post EP. 37: Riding the Wave of InsurTech 3.0: What It Takes to Not Just Survive, But Thrive appeared first on Insurance Journal TV.
EP. 36: Lions Versus Gazelles: The Evolution of the Web and Its Risks, Opportunities
Insuring Cyber Podcast - Insurance Journal
04/27/22 • 19 min
It’s often said that cyber risks are constantly evolving, so to keep up, cybersecurity technology has to change with it.
Lou Steinberg, founder and managing partner of CTM Insights – a cybersecurity research lab and incubator – says on the most recent episode of The Insuring Cyber Podcast that this process imitates what happens in nature.
“Co-evolution says that when the lions get faster, the gazelles get faster, because slow gazelles get eaten. And when the gazelles get faster, the lions get faster, because slow lions starve,” he says. “And so what happens is over time, both the lions and the gazelles ratchet up their capabilities. And we see the same thing in cyber security.”
The problem, however, is that cyber criminals are the lions in his metaphor.
“The attackers and defenders are both evolving capabilities at this crazy pace,” he says. “But the issue, of course, is that we’re the gazelles, right? We’re just trying not to get eaten.”
Steinberg says this fast pace of evolution explains how the internet is moving toward web 3.0, which is the next anticipated phase of the internet’s development.
Web 1.0 served as the original web of the 1990s and early 2000s before web 2.0 came along, which is the version of the internet that is widely used today. If smartphone technology and social networking have been behind the growth of web 2.0, experts say web 3.0 will be largely driven by artificial intelligence and machine learning.
Web 3.0 is often described as a decentralized version of the internet, with information housed in multiple locations, breaking down the large databases that currently hold data and giving that control to web users. Data generated by things like phones, desktop computers, and even vehicles and appliances would be sold through decentralized data networks so that users can retain ownership.
Steinberg says this iteration of the internet can benefit insurers as all of this data on the internet can be used for machine learning to train artificial intelligence technology.
“Imagine how much smarter an Alexa-like device would be if it understood every post ever written, and the posts aren’t being filtered or controlled,” he says. “So in cyber insurance, we could dramatically improve our understanding of risk by including way more information about threats and vulnerabilities, and massively expand training data to create a step function in AI capability.”
That said, opportunities don’t typically come without risks, and Steinberg says the decentralized aspect of web 3.0 could lead to misinformation and bias within artificial intelligence technology if not carefully navigated.
“A decentralized web that’s free of controls is a strength that can lead to a weakness,” he says. “When anyone can publish anything, accurate or not, the consumer of information now has to take responsibility for correctness before they use it. The real challenge with AI is we often don’t know how it reached the conclusion it came to, and so we’re going to have to ensure that the inputs to our models have data that’s free from bias.”
Steinberg believes that internet users need to move from critical thinking to critical consumption in order to clear these hurdles.
“When you consume information from random sources online, you have to consider the source, and you also have to consider the possibility that what you’re getting is intentionally biased or flat out wrong,” he says. “We probably need some kind of a consensus mechanism for data correctness. Until then, I think we have to be careful about having good models with bad inputs. We might build a great engine, but if we feed it water instead of gasoline, it isn’t going to run well.”
Although the internet hasn’t fully evolved toward web 3.0 yet, should this concept and the risks that come along with it be keeping insurers and cybersecurity professionals awake at night? Even though it remains a future concept for now, Steinberg says it’s important to always be prepared.
“Our problem as gazelles is what happens when the lions get jet packs? What happens when they get much faster, and all of a sudden, have a new capability that we didn’t prepare for?” he says. “When you’re only playing defense against somebody who’s only playing offense and they get a new offensive weapon, you better have predicted it and planned for it. And sometimes they catch us a little unaware.”
To find out what else Lou has to say, check out the rest of this episode and be sure to check back for new episodes of The Insuring Cyber Podcast publishing ever other Wednesday along with the Insuring Cyber newsletter. Thanks for listening.
The post
EP. 28: Looking in the Rearview Mirror: Cyber Lessons Learned from 2021
Insuring Cyber Podcast - Insurance Journal
12/01/21 • 31 min
The year is coming to an end and cyber insurers as well as their clients may be reflecting on lessons learned from this year’s biggest threats. However, Kurt Suhs, founder and CEO of cyber risk company Cyber Special Ops, says moving forward in the current threat landscape is an ongoing challenge.
“The thing about cyber is we want to get organizations on the road, but you will never get to your destination because the technology, the litigation, the threat landscape is changing so quickly that by the time you were actually even to model a threat landscape, you’re already going to be examining and looking at things from the rearview mirror,” he says. “So that’s the challenge, and that’s where I think organizations just need to get on that road, on that path, and move forward.”
Ransomware attacks have continued growing in scale and complexity this year as they affected businesses, hospitals, schools, local governments, critical infrastructure and even insurance companies’ own operations, and experts on this podcast episode say this cyber threat landscape will likely continue in the new year.
“I think certainly the lesson learned is that cyber attacks and the ransom malware that’s hitting so many organizations will look at your organization regardless of how large you are, what type of business you’re in and where you are geographically,” Suhs says. “So it just continues to get worse every day, and I think it will continue to do so in both frequency and severity.”
As cyber incidents become more and more unavoidable for many organizations, Vishaal Hariprasad, who goes by V8 and is the CEO of Resilience Cyber Insurance Solutions, warns that organizations need to begin planning for incidents early.
“Get more proactive,” he says.
Suhs agrees.
“People like to say it’s not if, but when,” he says. “I like to say it’s not if, it’s not when, but it’s how large.”
This means that insurers have an important job of educating clients and helping them to reduce their vulnerabilities to avoid getting exploited, Hariprasad says.
“Our companies, our clients, don’t have the specialty and time and resources to become cyber experts themselves,” he says. “The insurance world, I believe in all realms, including cyber, does a great job of clarifying what are the key items of risk that they need to address in providing the loss control and risk engineering guidance so that it’s actionable, and then providing the appropriate financial incentives, in the form of risk transfer, to incentivize the clients to adopt it.”
The key takeaway for cyber insurers and clients alike in 2022, although not necessarily hopeful, is an important one, Hariprasad adds.
“The key takeaway is the vulnerabilities will always be exploited,” he says. “It’s a continuous effort, not just a one-off where you block it and you’re done. Cyber’s going to always be a continuous cat and mouse game.”
Check out the rest of this episode to find out what else V8 and Kurt had to say, and be sure to check back for The Insuring Cyber Podcast’s first episode of 2022, publishing on Wednesday, January 19th. Thanks for listening.
The post EP. 28: Looking in the Rearview Mirror: Cyber Lessons Learned from 2021 appeared first on Insurance Journal TV.
EP. 27: Two Experts Debunk Some of the Biggest Myths Around Cyber Insurance
Insuring Cyber Podcast - Insurance Journal
11/17/21 • 31 min
Cyber attacks are continuously evolving, and companies that don’t stay educated about the space could be caught off guard, experts say.
“A lot of times, I think cyber has this type of mentality that it’s not going to happen to me,” said Luis Gazitua, principal at JAG Insurance Group, on this episode of the Insuring Cyber Podcast.
However, that’s a misconception that businesses need to avoid as cyber losses mount, he said.
“Cyber specifically is one of those things that could take down your business,” he said. “It’s one of what I consider the biggest unknown losses.”
This is particularly true for small businesses, despite misconceptions that they won’t be targeted without as large of a footprint as bigger firms.
“Small businesses are the ultimate low hanging fruit,” he said. “It’s more likely that a cyber attack would shut them down indefinitely.”
However, many firms – especially in the small or mid-sized space – may be worried that they can’t afford cyber insurance. Earlier in this episode, Odin Olson, vice president of business development at security operations provider Arctic Wolf Networks, spoke about why he believes this is a false notion.
“Can you afford, or did you plan?” he said. “Maybe it’s a slightly different way to look at that. Can we afford things that come up within two weeks as an organization that maybe hasn’t budgeted or planned for this kind of thing? That’s painful. Can you afford if you’ve thought ahead of time and, as I mentioned just a minute ago, looked for different carriers, different options, different coverage options and that kind of thing?”
He also raised another important question.
“And can you afford not to?” he said. “I think you probably can’t afford to have a $5 million ransomware event.”
One method to ensure businesses can not only afford coverage but also will qualify for it is to get started early, he said.
“I think if you let this conversation go until you’re 30 days out or two weeks out from having to buy a new policy for the year, you’re probably out of time to qualify if you haven’t explored other carriers or brokers,” he said. “That may be one of the biggest items, which is start thinking about this now.”
This will give insureds more time to make technology decisions that are becoming primary drivers for insurers in deciding whether or not to grant coverage, he added.
“You can’t implement technology in two weeks to have the capabilities you need to get a lot of the policies these days,” he said.
For agents and brokers, education about technology and cybersecurity is equally important, he said. Whether it’s multifactor authentication, backup tools, 24/7 monitoring or privileged account management, Olson said brokers should be familiar enough with those terms to give clients at least a two-sentence explanation.
“I think that’s something that the brokers can also be doing to bring more value to their clients,” he said. “To really understand the why and what’s happening with these trends and with these technologies so they’ll be better advisors to their clients.”
According to Gazitua, however, the biggest misconception around cyber insurance is still summarized by the sentence, “It’ll never happen to me.”
“It’s not just, ‘I spent $10,000 on the best IT infrastructure,’ or, ‘I pay every month for the best malware system to protect me from a potential issue,’” he said. “But the truth is most of it is human error.”
He added that with the ongoing remote working environment due to the COVID-19 pandemic, this is even more prevalent.
“There are a lot of systems set up where it’s just human error,” he said. “It could be your kids using your laptop, right? Because how do you balance the personal and business laptop? Those things are happening. I think another big misconception is it’s not just about the system you have in place, but the human error element is never going to go away. That is the most likely reason why you’re going to have a cyber claim.”
For those still questioning whether cyber insurance is affordable or makes sense for their business, Gazitua has a word of caution.
“This is going to be something where maybe you get caught off guard,” he said. “More and more, it is going to become the norm in the next three to five years.”
Check out the rest of the episode to hear what else Odin and Luis had to say, and be sure to check back for new episodes of The Insuring Cyber Podcast publishing every other Wednesday on Insurance Journal TV and Apple Podcasts along with the Insuring Cyber newsletter. Thanks for listening.
The post EP. 27: Two Experts Debunk Some of the Biggest Myths Around Cyber Insurance appeared first on Insurance Journal TV.
EP. 50: Training the Next Generation of Cyber Ninjas with Continuing Education
Insuring Cyber Podcast - Insurance Journal
11/09/22 • 68 min
As cyber attack methods are constantly evolving, guests on this episode of The Insuring Cyber Podcast offered their best advice for how to evolve with them. This all starts, guests agreed, with continuous education. Davis Hake, vice president of policy and a co-founder of Resilience Insurance; Shelley Ma, incident response lead at Coalition in Canada; and Kall Loper, vice president of digital forensics and incident response at cybersecurity firm Cyderes, joined the podcast to talk about how education, training and talent acquisition in cyber insurance needs to reflect the dynamic nature of the risks.
This episode is The Insuring Cyber Podcast’s 50th episode, and to thank our listeners for celebrating with us, we’re offering two free classes on cyber insurance through Insurance Journal’s Academy of Insurance. Click this link to add the two classes to your shopping cart and enter the promo code CYBER50 at checkout. Thanks to IJ’s Academy for this gift, and thanks to everyone for listening and supporting this podcast.
The post EP. 50: Training the Next Generation of Cyber Ninjas with Continuing Education appeared first on Insurance Journal TV.
EP. 77: Haute Cyber? Attackers Are Strutting into 2024 with More Sophistication
Insuring Cyber Podcast - Insurance Journal
01/17/24 • 30 min
Happy 2024! On the first episode of The Insuring Cyber Podcast for the new year, Dr. Magda Chelly, managing director and chief information security officer for cybersecurity organization Responsible Cyber, discusses ways in which cyber attacks are evolving in sophistication. She says despite a dip in the frequency of ransomware attacks, things like new regulation and generative AI are keeping cyber criminals on their toes to think of new, creative strategies. Check it out!
The post EP. 77: Haute Cyber? Attackers Are Strutting into 2024 with More Sophistication appeared first on Insurance Journal TV.
Show more best episodes
Show more best episodes
FAQ
How many episodes does Insuring Cyber Podcast - Insurance Journal have?
Insuring Cyber Podcast - Insurance Journal currently has 85 episodes available.
What topics does Insuring Cyber Podcast - Insurance Journal cover?
The podcast is about News, Insurance, Podcasts, Finance and Business.
What is the most popular episode on Insuring Cyber Podcast - Insurance Journal?
The episode title 'EP. 36: Lions Versus Gazelles: The Evolution of the Web and Its Risks, Opportunities' is the most popular.
What is the average episode length on Insuring Cyber Podcast - Insurance Journal?
The average episode length on Insuring Cyber Podcast - Insurance Journal is 34 minutes.
How often are episodes of Insuring Cyber Podcast - Insurance Journal released?
Episodes of Insuring Cyber Podcast - Insurance Journal are typically released every 13 days, 23 hours.
When was the first episode of Insuring Cyber Podcast - Insurance Journal?
The first episode of Insuring Cyber Podcast - Insurance Journal was released on Oct 28, 2020.
Show more FAQ
Show more FAQ