Phishing for trouble

What do captive insurers require from their parents in order to prevent a cyber attack?

Like any other insurance company, they are going to want to see controls and see how the company is mitigating the exposures of cyber risk. They are going to look for multiple things, such as checking to see that response plans are in place, with decent technology and coordination among their functional operating groups so that there’s discussion about what type of cyber risks exist in the company.

What are the main problems within a business that can cause a cyber breach?

There are so many different conclusions on what ranks as the top issue causing cyber breaches, but studies suggest that hacking, phishing and social engineering are the main causes. I think that you can definitely rank phishing as one of the biggest issues in 2016, with ransomware being one of the highlights. There are also obvious causes for breaches, such as hacking events, and human error or human element events.

Do breaches also come from within the business?

Yes, there are errors that can be created by an employee, as well as a malicious component of human element, which is huge in the business environment.

Should all companies have a prevention programme?

There should be a loss prevention programme in place and I think it should start with the internal response plan. The plan should identify who is in charge of preparing for a breach, determine how to prepare it, and lay out processes so that the company is ready for any situation when it occurs.

A company also has to have a post-breach response plan. There has to be a mitigation component and within that there should be an internal response plan, which is going to lead the charge in how the company handles a breach.

Are you still being approached by large companies that do not have cyber cover in place? Why do you think they are yet to purchase cover?

Yes, and I think there are a lot of reasons why companies are still not purchasing cyber coverage. I think there is a disconnection in the type of information sharing which is going on within the cyber risk community, particularly on the brokerage side.

I believe the sophisticated brokers are able to share good quality information, starting from a risk management perspective all the way down to insurance.

But, unfortunately, I think in some cases there tends to be a disconnection in the communication process.

That means the corporations may not have had the risk properly explained to them and do not understand the value of the insurance.

In those situations, what you get is disconnection and confusion, which makes it a much harder process for a company to secure the proper insurance.

How often should companies be updating covers because of new emerging risks?

Those updates should be made annually. At the moment we know that the cyber policies are still going through changes and we are seeing emerging risk taking into account the bodily injury and property damage component of an event.

Most cyber insurance policies are not addressing bodily injury and property damage, and if they are, it’s a small segment of the insurance market place that is able to provide such.

Not all companies have the exposure but there are a lot of companies out there that are concerned an attack on their computer systems could result in some sort of bodily injury or property damage, particularly from organisations that are in the power and utility sector.
The latest features from Captive Insurance Times
What should a captive look for when hiring a firm to manage its portfolio? Stephen Nedwicki of Comerica Bank takes a look
US captive insurance association leaders discuss the present challenges and future of the business, as federal policy confuses and SME growth continues
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
Becky Butcher finds out why captive insurance is such a natural fit for financial institutions and how they will continue to dominate the market
With London’s ILS hub set for an autumn launch, Guernsey Finance’s Dominic Wheatley shares his thoughts on what to expect
Guernsey’s hard work is paying off as China looks to stretch the boundaries of its captive strategies. Becky Butcher reports
Guernsey’s ILS numbers reveal a booming market made better by regulatory innovation. Becky Butcher reports
A bigger market means an improving financial performance, perhaps even higher returns. Marsh’s annual analysis of the captive insurance market, now in its tenth year, discovers that it also means change
Attendees of the European Insurance Forum in Dublin heard how insurance and reinsurance professionals are readying for turbulent times ahead
Domicile profiles
The latest domicile profiles from Captive Insurance Times
Debbie Walker of the North Carolina Department of Insurance tells Becky Butcher why the state is among 2017’s standout performers
Experts convene to talk to Becky Butcher about the stability that Guernsey represents in a challenging financial and political environment
Asset Servicing Times

Visit our sister site
for all the latest asset servicing news and analysis
In an era of increasing uncertainty, Tamatoa Jonassen suggests that the Cook Islands can be a bridge to financial security in a captive
With a dedicated captive plan in place, the Lone Star State is on the rise, says Josh Magden of the Texas Captive Insurance Association
After 36 years of captive business, Vermont boasts a culture of legislative change, and still has a few tricks up its sleeve. Dan Towle and David Provost explain
After a successful 2016 and the licensing of its first securitisation cell company, Malta insurance industry professionals are looking ahead to 2017
Missouri’s captive programme is approaching a decade in operation. John Talley explains how the state has made it to this milestone
Less than 10 years ago, the Bahamas was a virtually forgotten player in the external insurance marketplace, according to Tanya McCartney and Michele Fields. But today, the jurisdiction has a reputation as a market leader
The latest interviews from Captive Insurance Times