Expecting the Unexpected: Cyber Lessons from COVID and What Could Be Ahead
What is the biggest lesson that cyber insurers should carry into 2021 after a year in which the COVID-19 pandemic took center stage?
In the first Insuring Cyber podcast episode of the new year and the fifth overall, Tim Zeilman, vice president and global cyber product owner at Hartford Steam Boiler (HSB), discusses how lessons learned from the coronavirus pandemic and from recent significant cyber attacks are more related than insurers may think.
“I think the lesson is pay attention and learn the lessons of the close calls,” he tells Insurance Journal’s Elizabeth Blosfield. “So when you think about the COVID-19 pandemic that we’re in the midst of right now, it’s not the first one. We had inklings that things like this might happen.”
Indeed, over the last decade, disease outbreaks such as Ebola and H5N1, or the avian flu, hit the news, although these outbreaks never amounted to the same global scale as the COVID-19 pandemic, he explains.
“I think you can make an analogy to cyber attacks,” he says. “We haven’t seen the big one yet. We haven’t seen the massive cyber hurricane that everybody worries about and models, but we have seen some smaller events. In particular in 2017, we saw NotPetya and WannaCry.”
He says the message to be taken away from this pandemic as well as the cyber attacks seen in the past few years is don’t ignore the near misses.
“Don’t expect that the future is going to look like that – that we’re always going to have these small, somewhat contained events that might be big but are not the massive big one,” he says. “I think that the bottom line there is really to keep your focus in cyber insurance on accumulation, to plan for that big one that might look like a WannaCry or a NotPetya event but on a much larger scale and much greater impact, and plan for what that would mean to your cyber insurance business.”
Ahead to 2021
Also in this episode, Lauren Winchester, vice president of Smart Breach Response at Corvus – a provider of artificial intelligence driven commercial insurance products – takes a look back at some of the big trends in cyber insurance in 2020 and discusses what cyber insurers should be paying attention to in the new year.
“I think visibility into vulnerabilities is going to be really key – how cyber insurers manage to partner with other vendors or build in-house capabilities in order to get a better sense of their risk pool and the vulnerabilities among their policy holders,” Winchester says.
She adds that going forward into 2021, it will be important for cyber insurers and their clients to establish a greater partnership in order to better understand how they can work together.
“I think insurance buyers in working with their brokers should really be considering what else their cyber insurance company can be doing for them,” she says. “It’s really so much more than just risk transfer at this point, and they should and can ask more of their cyber insurer.”
By Elizabeth Blosfield | January 15, 2021
Source: Elizabeth Blosfield posts new episodes in her Insuring Cyber podcast every other Wednesday together with Insurance Journal’s Insuring Cyber newsletter. Blosfield and her guests explore how the world of cyber and the business of insurance are connected.