The evolving role of insurance in cyber resiliency
Citizens, business and government have come to rely upon the insurance industry to provide solutions for risk, based upon indemnification for unforeseen losses resulting from specific perils, such as the cost replacing a warehouse lost in a fire. Our growing use of technology not only enhances communication, efficiency and innovation; digitalization presents us with new security and privacy risks for which traditional insurance solutions are inadequate. In the case of cyber risk, new threats are constantly developing, requiring industry and government to rethink risk management. The question is no longer “if”, rather than “when” a cyber attack will be suffered. In our networked world, losses can spread faster than wildfire, and cause simultaneous chaos, loss of life, business interruption, damage to property, theft of intellectual property, and legal liability in locations across the world. For an insurer to simply “settle the bill” is not enough.
Insurers are moving beyond reimbursement, taking an active role in assessment, prevention, detection, response and recovery. While cyber risk is new, insurers can apply the knowledge and experience they have gained from more established risks also characterized by low frequency and high impact, such as natural catastrophe and terrorism. Cyber insurance is not, however, a standalone solution. Resiliency requires better risk awareness, incident and threat data sharing, proactive government policy and regulatory foresight as well as sound planning by business leaders.
Michael S. Ricks
Mr. Ricks helps business and government leaders to understand cyber risk and opportunity, then formulate and execute strategy. His current functional focus includes cyber security, blockchain, artificial intelligence, machine learning and the Internet of Things. He recent sector experience includes FinTech, communication, health care, aerospace, geospatial and high tech.
At the George C. Marshall European Center for Security Studies, Michael is a seminar co-lead and expert lecturer on risk management and insurance, public private partnerships and crypto currency for the Program on Cyber Security Studies.
While partner of Big 4 consulting firms, he held national, regional and global leadership roles in the Financial Services / Insurance practices. He earned an MBA from the Thunderbird School of Global Management and is a holder of the professional designations Chartered Property Casualty Underwriter, Associate in Reinsurance, Associate in Insurance Services and Diploma in Company Direction. He an active board member, advisor, and business angel, and is the managing director and founder of the specialist advisory firm Cyberlogix.