Begun work on my 2nd book. This one is focused on insurance and cyber. 1st book: “Stone Tablets to Satellites: The Continual Intimate but Awkward Relationship Between the Insurance Industry and Technology".
The "better" actuaries and underwriters will tell their management that because there is not enough credible data, the insurance product should not come to market. At all. (Re)insurers and brokers have been enjoying the safety of the insurance industry generating profit from the sales of cyber insurance over the last 20+ years. That situation will soon come to an end as cyber risks become more complex (and maximum probable losses either hard to estimate or have estimates that result in combined ratios over 100%) and systemic cyber attacks become the norm. Think CrowdStrike on steroids ... #cyber #cyberrisks #systemiccyberattacksthenorm #crowdstrikeonsteroids
Lucas Urbisaia
1mo
Would it make sense to treat it as finance would do with market risk and bake it into the price of every other product?
I agree, always was skeptical about how to price something that has a huge chance of happening and a large distrubution of possibles losses.
Vice President of Technology at IE Construction.
1moInsurers need to be able to understand the risk of the data as much as they need to understand the risk to the data today. It's no longer enough to look at what controls are in place to keep attackers out, insurers need to be able to quantify the risk once the attackers get in.