This episode is about cybersecurity insurance. We’ll discuss what it means to have it, what it means to need it, and whether it is even a real thing.
Don’t worry, we’re not going to spend the episode selling insurance to you. But we feel it’s important to do a show about it, because the truth is even people with decades of experience in either cybersecurity or insurance were quite resistant – until quite recently – to the idea of combining the two.
That’s the case, with our guests today, who were skeptical about cybersecurity insurance but are now full supporters. If you want to learn more about how cyber insurance can be to your benefit, you’ll want to give the episode a listen.
Stanton Gatewood is an experienced and successful cybersecurity professional and information technology leader, with more than 35 years of experience in Federal, State, and local government, higher education, and the public sector. Jeffrey Smith founded Cyber Risk Underwriters to simplify the access to cyber insurance and cyber warranty products via a network of insurance agents, cyber security vendors and infosec investors.
This episode starts with a frank discussion on how the Covid-19 pandemic continues to reconfigure an industry that was already highly dynamic. We’ll explore this transformation in reference to some key statistics:
- 68% of business leaders feel their cybersecurity risks are growing YOY
- Only 5% of internal company folders are properly protected
- 78% of companies are now investing in AI-based security programs to help protect their data
- 71% of breaches were financially motivated, and 25% were motivated by espionage
- The global cybersecurity insurance market size was $3.89 billion in 2017, but is also expected to grow to $23.07 billion by 2025
In response to this expanded threat landscape, Gatewood and Smith argue that effective cybersecurity now relies on insurance coverage. They explain the difficulties that face the insurance industry when trying to come up with a business model that would cover hacking and data breaches and describe the development of the industry.
They then take us through a list of key questions that organizations should ask themselves when considering cyber insurance, including:
- Before applying for cyber insurance, what kind of preparation can produce the outcomes you need?
- What are underwriters looking for when they evaluate and calculate cyber insurance premiums?
- What changes and technologies can an organization implement to lower those costs?
Our guests point out that, just like personal life insurance, the preparations and choices you make before and during the underwriting process will lead to vastly different outcomes in the cost of your premiums.
This week’s episode will be invaluable for cybersecurity engineers intrigued by the idea of cyber insurance, as well as risk managers who want to learn the best cybersecurity practices to follow. As on every InSecurity podcast, our goal is to connect otherwise distant experts, and to see what we can each gain from an open discussion.
About Stanton Gatewood
Stanton Gatewood is an experienced and successful cybersecurity professional and information technology leader, with more than 35 years of experience in Federal, State, and local government, higher education, and the public sector. He has been recognized for his contributions to the State of Georgia and the University System of Georgia.
Stan enjoys helping his peers increase their Cyber Knowledge, Skills, Abilities + experience with his work in NASCIO.
About Jeffrey Smith
Jeffrey Smith founded Cyber Risk Underwriters to simplify the access to cyber insurance and cyber warranty products via a network of insurance agents, cyber security vendors and infosec investors. In this role, Jeffrey is building a business model to educate clients about the catastrophic nature of cyber security risks, generate alternative distribution channels for cyber insurance products and custom programs for unique customers.
About Matt Stephenson
Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity Podcast and video series at events around the globe.