According to a survey conducted at the Risk & Insurance Management Society conference in April, seventy-six percent of risk managers said the loss of confidentiality of information was the biggest cyber risk, followed by 16 percent who cited service interruption and 5 percent who cited government intrusion. About 70 percent of U.S. businesses experienced at least one hacking incident in 2014, and more than 50 percent of risk managers say their businesses are not doing enough to prevent cyber-attacks. Even with this information, surprisingly about 36 percent of businesses do not have any level of cyber insurance, while 46 percent said their business had purchased cyber insurance for the first time or increased its coverage levels in the last year.
Cyber risk is a hot topic for potential coverage by captives. Several educational sessions have been held to define, prepare for and prevent risk, but because it’s in relatively early stages, cyber risk still represents a small percentage of overall risks covered by captives. There are many issues one has to consider: selection, understanding the types of risks and exposures; how the risks are structured; capitalization and forms of capital; and access to reinsurance. VCIA hosted a webinar that included a case study by Gary Langsdale, the risk manager of Nittany Insurance Company (Pennsylvania State University), on cyber exposures they face and how they built a successful program to cover those risks. Understanding the specific risks faced by your organization, and then crafting a cyber-program tailored to those risks has rigorously limited Penn State’s ongoing cyber exposure. The webinar is called “Captives & Cyber Risk: Exposure, Coverage and Opportunity” and it’s available from VCIA’s Resource Center on http://www.vcia.com
So you have a choice, Neo: which pill are you going to take?
Thank you all very much, and I look forward to hearing from you.