<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1175921925807459&amp;ev=PageView&amp;noscript=1">
Cyber Insurance

BitSight EXCHANGE Sound Bites: Transferring Risk Through Cyber Insurance

BitSight | December 26, 2018

In the months since BitSight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together security executives from all over to discuss the challenges they face in their roles every day.

One session that stood out was the discussion between Graeme Newman (Chief Innovation Officer at CFC Underwriting) and Jake Olcott (VP of Corporate Communications & Government Affairs, BitSight), which focused on how cyber insurance has developed and changed in the past few years, as well as their thoughts on the future of the market.

Below, Newman shares his thoughts on the cyber insurance underwriting process.

 

“I suppose what we're really looking for is very much, like, the BitSight kind of philosophy. We try and look on the outside to see what we can see, and then make inferences about how that means that a business operates. So a few of the questions are just trying to gauge a level of security maturity, as much as we can see from the outside. Because we can't micro underwrite businesses. The economic model doesn't stack up for us to do weeks and weeks of review internally for us to ascertain a price, also remembering that we're not trying to price for your day to day operational risk. That's not what insurance is about.

You shouldn't be looking to get an annual return on investment on your cyber insurance spend. What we're looking to do is price the kind of one in 100, the one in 250-year event. When you're pricing what we call the tail of the distribution, right, the cat event, we tend to focus less on the control environment and more on the exposure environment, right? So we're looking for risk characteristics that will tell us how bad an event is in that one in 100, one in 250-year event, because that's the thing that we're worried about and that's the thing that we're pricing for.”

Thank you to Graeme and Jake for an extremely informative discussion!

Read the recap of the inaugural BitSight EXCHANGE forum. 

Suggested Posts

As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care

Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file more

READ MORE »

BitSight EXCHANGE Sound Bites: Transferring Risk Through Cyber Insurance

In the months since BitSight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together...

READ MORE »

Silent Cyber: What It Is & How You Can Avoid It

Companies typically buy several lines of insurance—from property, to general liability, to professional liability. When something goes wrong, it’s common for a company to run to its insurance provider and claim that it has coverage. But...

READ MORE »

Subscribe to get security news and updates in your inbox.