Steve Bauman
Zurich North America

Steve Bauman of Zurich suggests it will be interesting to see how regulators react and begin to craft legislation, controls and requirements around cyber

What are some of the top cyber threats a company faces on a daily basis?

There are a lot of different cyber threats around the protection of data, the privacy of that data and the security of that data. Cyber is such a broad term and people get confused because of how many areas there are. Cyber is just a generic term but security and privacy of data is the main focus of the product.

Are cyber risks coming from within or outside of the company? What are seen as the bigger threat?

Threat vectors stem from all directions. While current employees cause the largest portion of breaches, according to PwC’s Global State of Information Security Survey, opinions on whether internal or external actors pose a larger risk varies depending on the responder. External threats, which tend to be malicious and intentional in nature, leverage an army of resources to penetrate company perimeters, navigate the network, and mine for crown jewels.

Conversely, internal threats already reside and know the environment but are harder to detect without strong behavioural analytic tools, because human error may play a role.

How will these cyber threats evolve over the next five years?

I don’t think anybody knows. I think what’s unbelievable is that cyber is a risk no one in the captive field had on their radar until recently. If you think of where we as an industry are now, and the fact that in the news you hear of cyber breaches nearly every day, I can’t imagine where it’s going to be in five years.

I know if we don’t do anything about it no one is going to be in a good position. I think by recognising that cyber is an emerging exposure and risk, we can keep it under control and begin to do something. Buying insurance is a good way to start the process but I think captive utilisation is the next step and it also makes a lot of sense for many companies.

According to research in 2015, only 1 percent of captive owners were funding cyber risk through their captives. How has this number changed?

Only 1 percent of captive owners in 2015 is a very small number. I guess it’s because it wasn’t on anyone’s radar then or several years ago. I think we’re going to see exponential growth in captive utilisation for cyber.

Zurich recently launched its new cyber solution for captives. How does the programme work and how will clients benefit from this?

The new solution marries captive utilisation and the products that insurance companies like ours have in the marketplace. It takes our underwriting expertise, the policy forms and the policy infrastructure that we have and marries that to a captive.

The solutions gives the captive the benefit of having the expertise of the policy form and the ability to tap into the services that Zurich puts out in front of captives. Anytime you mitigate losses going to the captive, that’s money saved in the captive and that’s underwriting profit that’s retained. Captive utilisation accrues to the benefit of the parent owner of the captive.

As you said, cyber was off the radar for companies five years ago. What other emerging risks should companies be looking out for?

There continues to be the emerging risks of compliance, or rather non-compliance, or even lack of compliance. If you think about insurance that is regulated in every country around the world and every state in the US, the possibility or risk of being non-compliant is increasing. Captives really need to pay attention to the environment that they’re doing business in, and they need to make sure that the programmes that they are involved in are compliant. The risk of being non-compliant is increasing and that continues to be an emerging risk for captives and their owners as well.

What will be interesting is to see is how the worldwide regulatory bodies look at the cyber threat and how they will craft legislation, controls or requirements on companies and therefore captives to see how that develops. I think it is going to be really interesting.

As more compliance and regulatory bodies look at captives and more of them look at cyber, it will be really interesting to see how that develops. There are some regulatory bodies that are already looking at this issue now. I know the Federal Insurance Office and the National Association of Insurance Companies are both looking at it in the US, as is the International Association of Insurance Supervisors.

The latest interviews from Captive Insurance Times
The latest features from Captive Insurance Times
What should a captive look for when hiring a firm to manage its portfolio? Stephen Nedwicki of Comerica Bank takes a look
US captive insurance association leaders discuss the present challenges and future of the business, as federal policy confuses and SME growth continues
Join Our Newsletter

Sign up today and never
miss the latest news or an issue again

Subscribe now
Becky Butcher finds out why captive insurance is such a natural fit for financial institutions and how they will continue to dominate the market
With London’s ILS hub set for an autumn launch, Guernsey Finance’s Dominic Wheatley shares his thoughts on what to expect
Guernsey’s hard work is paying off as China looks to stretch the boundaries of its captive strategies. Becky Butcher reports
Guernsey’s ILS numbers reveal a booming market made better by regulatory innovation. Becky Butcher reports
A bigger market means an improving financial performance, perhaps even higher returns. Marsh’s annual analysis of the captive insurance market, now in its tenth year, discovers that it also means change
Attendees of the European Insurance Forum in Dublin heard how insurance and reinsurance professionals are readying for turbulent times ahead
Domicile profiles
The latest domicile profiles from Captive Insurance Times
Debbie Walker of the North Carolina Department of Insurance tells Becky Butcher why the state is among 2017’s standout performers
Experts convene to talk to Becky Butcher about the stability that Guernsey represents in a challenging financial and political environment
Asset Servicing Times

Visit our sister site
for all the latest asset servicing news and analysis
In an era of increasing uncertainty, Tamatoa Jonassen suggests that the Cook Islands can be a bridge to financial security in a captive
With a dedicated captive plan in place, the Lone Star State is on the rise, says Josh Magden of the Texas Captive Insurance Association
After 36 years of captive business, Vermont boasts a culture of legislative change, and still has a few tricks up its sleeve. Dan Towle and David Provost explain
After a successful 2016 and the licensing of its first securitisation cell company, Malta insurance industry professionals are looking ahead to 2017
Missouri’s captive programme is approaching a decade in operation. John Talley explains how the state has made it to this milestone
Less than 10 years ago, the Bahamas was a virtually forgotten player in the external insurance marketplace, according to Tanya McCartney and Michele Fields. But today, the jurisdiction has a reputation as a market leader