Keen to Compete

2017 Insurance Executives to Watch

The 2017 Insurance Executives to Watch shoulder pressing responsibilities in a global competition for customers, talent and top-line growth; and that’s just fine with them.
By: | December 14, 2016 • 20 min read

We started the Insurance Executives to Watch feature in our magazine five years ago as a way to highlight insurance executives who are taking on substantial new responsibilities. Be they engaged in a sizable merger, a product to counter an emerging risk, or a daunting turnaround, these are executives the industry will be keeping their eyes on.

In this year’s issue, you will read profiles of executives who fit that very mold. Several are tasked with maximizing their organization’s ability to use data to manage risk and craft coverage.

Advertisement




Others are shouldering the responsibility of competing in the program business, or some other highly competitive area where many of their competitors are pushing to build out top-line growth.

FM Global’s Carmelina Borsellino is charged with bringing her company’s substantial engineering expertise to bear in countering one of the most hazardous risks we face: cyber. That risk in just the past five years grew from an IT concern to an enterprise risk.

Allied World’s Grace Meek brings 20 years of experience to bear in building up that carrier’s program business. Meek owns a track record of producing double-digit growth in programs, a business that many carriers have their eye on.

Another area that measures change in the double-digits is the amount of turnover the industry sees in claims handling. Patrick Walsh, an executive vice president with the York Risk Services Group, cautions not to overthink the issue.

Putting energy into attracting talent and training isn’t rocket science, he reasons. Rather, talent attraction and retention are fundamental functions that the industry carelessly lets wither. Get back to basics, he says, and put the work in.

The executives featured in the following pages are keen rivals. What makes them special is that they don’t fear competition but embrace it.

All of them accomplished a lot to be placed in their current positions of trust. Now we’ll see what they do with that trust.
_______________________________________________________

Meeting Diverse Challenges

122016_01_cs_postlewhiteStephen Postlewhite
CEO
Aspen Insurance

Aspen Insurance restructured its core management team to create a collaborative global organization. It’s up to Stephen Postlewhite, who was appointed CEO in May, to make that transition succeed, even as the insurer copes with challenges that are “regulatory-related, exposure-related and growth-related,” he said.

“Part of the art of managing an insurance business is to recognize the different dynamics and characteristics across product lines and look for suitable opportunities, rather than fundamentally reshaping everything,” the CEO said.

Postlewhite said Aspen hired around 60 people in the last six months.

“One of the challenges we faced was pulling all these people together into a cohesive team, aligned with the global operating model and global culture, which we have now successfully done.”

The company also restructured to operate a dozen global products with global leadership, with regional products run by regional leaders. Previously, it ran almost as two separate businesses, domestic and international.

“Getting that to work well gives us a real differentiator and is a valuable strategic benefit for the long term,” said Postlewhite, who previously was CEO of Aspen Re and chief risk officer of Aspen Group.

Overall, he said, Aspen sees the U.S. as “an area where we are pushing for growth.” But it is challenged, particularly by U.S. property CAT, which has “seen some fairly significant rate reductions over the past two and a half years.” Aviation and energy are also lines where it’s “difficult to see really significant growth.”

Among its other coverages, cyber, surety, and accident and health are bright spots. He also sees growth opportunities for marine and the company’s new product recall coverage. “Our diversification gives us the opportunity to be flexible and recognize where there’s greater competition and where there is less,” he said.

_______________________________________________________

Planning for the Long Term

122016_01_cs_zubretskyJoseph Zubretsky
CEO
The Hanover Insurance Group

In an organization that has seen some turnover in its leadership ranks, Joseph Zubretsky brings more than 35 years of experience to the helm of The Hanover Insurance Group.

In that role he’s moving deftly, leveraging his experience as a business builder and working with The Hanover’s experienced team to position the company for continued success in a rapidly changing marketplace.

During a Q3 earnings call in November, Zubretsky told analysts the company is “in the middle of a comprehensive, long-term strategic planning process. … Our goals through this process are to build on existing elements of the business, to anticipate developing industry trends, and to determine how to position our company to succeed with technology as an increasingly powerful enabler of change.”

Hanover will help its “independent agency channel” target value-added markets, including specialty, and explore “product adjacencies” with the underwriting platform at Chaucer, a Lloyd’s market syndicate through which it writes insurance and reinsurance, he said.

Advertisement




Zubretsky also said Hanover will target the “emerging affluent” as part of its U.S. personal lines business, which accounts for 31 percent of the carrier’s book, along with 50 percent commercial lines and 19 percent international, according to Standard & Poor’s. It focuses on small and midsize accounts. Zubretsky came to Hanover from Aetna, where he was CEO of its Healthagen Holdings subsidiary.

He follows retired CEO Frederick Eppinger, who grew the company from a small, regional insurer into one that expanded nationally and internationally. Eppinger stayed through mid-year 2016 to allow for a smooth transition in leadership. Hanover’s CFO David Greenfield passed away unexpectedly in the fall of 2015. He since was succeeded by former AIG financial executive Jeffrey M. Farber.

_______________________________________________________

Focused on Superior Outcomes

122016_01_cs_fallonMike Fallon
President, National Insurance
Liberty Mutual

Mike Fallon was appointed in June to lead Liberty Mutual’s National Insurance, a business that helps large and specialized businesses solve complex risk management problems.

“Our continued growth and success will come, in part, from offering a full range of effective primary and excess products, backed by exceptional service,” Fallon said.

In the upcoming year, Fallon plans to continue to add products and services to make it easier for brokers and clients to partner with Liberty Mutual on comprehensive risk management solutions. The team recently added two new excess casualty products, Utility Follow Form Excess for the power and utility sectors, and Integrated Occurrence Form for the large corporate sector.

He is also cognizant of the impact the industry continues to feel from commercial auto severity increases — whether it be from favorable economic trends leading to additional miles driven or distracted driving — as well as severe weather resulting in increased large property losses.

“Liberty Mutual helps buyers and brokers meet these and other risk management challenges by proactively identifying all the risks faced by a company, developing a plan for effectively managing and mitigating those exposures, improving safety to prevent the accidents that trigger claims, and effectively managing claims to produce superior outcomes,” Fallon said.

Before being appointed to lead National Insurance, Fallon served as chief financial officer for Liberty Mutual Insurance’s Commercial Insurance strategic business unit. He’s been with the company almost 24 years.

“I grew up professionally at Liberty Mutual in a culture where long-term relationships are highly valued, and have learned from a number of industry icons,” Fallon said. “I can’t think of a better setting from which to learn, and I am extremely excited to work with my new team and our partners to help us become a stronger, more solution-oriented organization.”

_______________________________________________________

A Leap Forward on Cyber

122016_01_cs_borsellinoCarmelina Borsellino
Vice president and manager of cyber hazards
FM Global

Cyber security ranks as one of the top risks in every industry sector, but it changes constantly and is hard to assess.

Carmelina Borsellino, vice president and manager of cyber hazards at FM Global, is charged with giving insureds more peace of mind in that area.

“Cyber is top of mind for many of our clients,” said Borsellino, who was promoted to that post in September after 27 years in engineering followed by three years as a business process improvement consultant with the mutual insurance company.

Cyber security threats are constant and evolving, from loss of data, to ransomware demands, to connectivity risks of the Internet of Things, to employee behavior, and to trepidation over industrial or property damage.

Adding to the challenge is that attacks are often kept confidential by companies, resulting in a dearth of loss history.

“We, in the industry, have to become much more forward-thinking on cyber,” she said.

Advertisement




“It’s not a static or predictable risk.”

Borsellino is part of a new Cyber Risk Engineering Unit at FM Global.  The group will use research and loss prevention engineering to assess cyber risks related to physical security, industrial control systems and information security.

The team plans to develop location- and account-based assessment standards, tools and methodologies. Several products and services will be available in 2017.

“We are going to approach cyber the same way we approach every other risk,” Borsellino said.

“We are always going to leverage our research and science. Then we will apply what we learn.

“Risk managers need to get in front of it. Historically, it’s been more of an IT issue, but it’s more of an enterprise risk now,” she said.

_______________________________________________________

Speed With Discipline

122016_01_cs_johnstonRuss Johnston
CEO, North America
QBE

There’s the brand of QBE, the global insurer headquartered in Australia, and then there’s the personal brand of its new CEO for North America, Russ Johnston.

“People ask me, ‘Russ, who are you?’ and I tell them I’m an underwriter,” said Johnston.

Johnston, appointed in May to lead the largest division by revenue for one of the largest insurers in the world, considers himself a person equally comfortable interacting with brokers and underwriters.

“I try to be a market-facing leader, with the people that actually place the business,” he said.

“It allows me to flex in this organization in a way that is really positive and tangible for our people and our policyholders,” he said.

Johnston’s division is moving at quite a pace.  In the past 24 to 36 months QBE North America has come out with more than 30 new products.

“But speed and urgency doesn’t mean that you don’t act thoughtfully and diligently either,” he said.

For example, before the division stood up a health care business, it spent 18 months developing a view of the market and putting together a business plan.

Like all insurance leaders, Johnston must monitor a talent environment where the best and the brightest are in short supply.

He thinks he has a compelling reason why they should pick QBE North America.

“We have a very flat organization,” he said. “In order to run an organization that way you have got to empower people,” he added. “At the same time when they need access to decisionmakers, they have it, and they can make that decision and move,” he said.

“We do operate with urgency and we have been fairly focused on product introduction but there is a lot of discipline that goes into everything we do,” he said.

_______________________________________________________

A Global Journey

122016_01_cs_gonzalezIvan Gonzalez
CEO of North America
Swiss Re Corporate Solutions

Ivan Gonzalez, the CEO for North America at Swiss Re Corporate Solutions, said that Swiss Re Corporate Solutions “is on a journey.” And for much of his career, the 40-year-old has been along for the ride.

In July, nearly 17 years after joining the company, Gonzalez was charged with piloting Swiss Re’s expansion strategy in primary insurance in the U.S. and Canada. That primary arm, Swiss Re Corporate Solutions, started six years ago with about 1,000 employees. Today it has 2,600 employees in 55 offices across 22 countries. About 1,150 of them report to Gonzalez in North America.

Much of Gonzalez’s focus in 2017 will be advancing Swiss Re Corporate Solutions’ strategy to extend its leadership in excess layers while developing capabilities as a primary lead underwriter in domestic and multinational programs.

Advertisement




“We are in the process of expanding our product suite, establishing a truly global footprint and perfecting our operational and claims capabilities,” he said, ading that the company won’t pursue growth at the expense of profitability.

Gonzalez encourages his team to focus on pricing, strong terms and conditions, and improved cost management. Insurers are facing significant pressures on both the asset and the liability side, and “only players with the financial strength and long-term vision of Swiss Re Corporate Solutions can afford to take capacity out of the market if the profitability is not adequate.”

Gonzalez points to his Latin American background and young age as proof of his company’s commitment to diversity and attracting younger workers to the insurance indiustry.

“Swiss Re Corporate Solutions is on a journey,” he said. “From 2010 to today, it has been building, almost from scratch, a global commercial insurance player.  Our ambition is to be a preferred partner for Corporates’ global and local insurance needs.”

_______________________________________________________

An Eye for Talent

122016_01_cs_walshPatrick Walsh
Executive vice president
York Risk Services Group

Patrick Walsh, a 30-year veteran of the insurance industry, joined York Risk Services in April in part because he liked the company’s culture.

“Rick [Taketa, the president and CEO of York] likes to talk about when you see a problem, run to it,” said Walsh, who also is president of York’s Risk Management Practices business.

“I think that is a really good way to characterize what we are building in terms of what we expect out of the people who work at York.”

One issue that the claims handling industry in general is struggling with is talent. Walsh’s perception of any talent shortage in claims handling is very cut and dried, and he is candid in his expression of it.

“The industry created this talent shortage,” he said.

“The industry stopped training people. The industry stopped attracting people.”

For its part, York instituted an onboarding system that gives claims handlers the training they need.

“It’s all about welcoming and indoctrinating people into our organization and approach,” Walsh said.

“We don’t let them touch a client’s work until they have proven proficiency.”

Talent is one area where claims organizations can differentiate themselves. Data is another, Walsh said.

Using data to flag cases that could spiral out of control, and giving claims handlers actionable information in real time is the Holy Grail in claims management.

“I do think the ability to invest in innovating and trying different things is what is going to set a company apart,” Walsh said.

“It’s one thing to say we have data and reporting and we can give you information in real time,” said Walsh. “It’s another to put data into action and then show that action and make adjustments in your processes.”

_______________________________________________________

Carrying the Torch Onward

122016_01_cs_fernandezGeno Fernandez
Chief underwriting officer
Zurich North America

On July 5, Geno Fernandez took the helm as chief underwriting officer for Zurich North America.

Fernandez has big shoes to fill, taking over the position from the well-respected Mary Merkel, had a distinguished 33-year career at Zurich.

During her tenure, Merkel maintained disciplined underwriting strategies for property/casualty lines in North America, fine-tuned risk selection and pricing, and advanced Zurich’s analytical capabilities through its predictive analytics center of excellence in North America.

Fernandez is charged with continuing her work, maximizing underwriting efficiency to drive profits under the pressure of a persistent soft market. Other trends, such as advancing technology and the rapid pace of change, also demand innovative leadership.

Fortunately, he has the résumé to prove he’s ready for the role.

Advertisement




As the former head of strategic execution for Zurich North America Commercial, he brings extensive knowledge of the insurer’s operations in the region to his new position.

He was credited with leading a “strategic transformation to a more customer-focused organization, engaged with key brokers on critical initiatives,” and with “strengthening Zurich’s analytics capabilities,” according to a statement announcing his move.

Prior to joining Zurich in 2012, Fernandez served as a senior partner and leader in the insurance practice at McKinsey & Co. Over 13 years there, he helped develop corporate strategy and global underwriting capabilities.

He also served as a special attaché for economic affairs to the Secretary of State and currently serves on several nonprofit boards, including the National Leadership Roundtable.

Fernandez has actively worked with Habitat for Humanity, the March of Dimes and the American Cancer Society.

_______________________________________________________

In It for the Long Haul

grace-meek-alt-headshot-300-by-230Grace Meek
Senior vice president and head of U.S. Programs
Allied World

Grace Meek makes it clear that she and her company are in the programs business for the long haul.

The senior vice president and head of U.S. Programs for Allied World has been working in the programs space for almost the entirety of her career.

“I like the diversity because it is never the same,” Meek said of a business in which program administrators underwrite and bring to market risks in specific industries.

Doing something different every day is a blessing, she said. In programs, forming and keeping long-term relationships is an important responsibility.

“It’s a small space within the insurance industry so it is a tight-knit group of people. I have a 20-year reputation in this segment,” she added.

“People know that we are serious about it and we’re not coming in and out of the space.”

Meek said those who know her will tell you that she is candid and that she greatly values transparency.

“I work with the PAs (program administrators) to help them work through hard times and good times. So whatever happens, they will know exactly where they stand with me.”

Meek joined Allied World in 2011 and appears to be thriving in the position. Since then, according to the company, Meek increased Allied World’s program business by more than 20 percent on a compounded basis and more than doubled the division’s premium.

This success is nothing new. At her previous employer, Delos Insurance Group, Meek is credited with developing a portfolio of programs that increased by 200 percent over three years.

“I think in the program space the most important thing is the people that we are going to be working with. That’s always my gut check. Is this someone that we can trust?”

_______________________________________________________

Achieving Growth in a Challenging Market

122016_01_cs_lylesKelly Lyles
Chief executive, Client and Country Management, and deputy chair, Insurance Leadership Team
XL Catlin

With more than 20 years of experience in the insurance industry, including roles as both an underwriter and country manager, Kelly Lyles is poised for success as XL Catlin’s new chief executive, Client and Country Management, and deputy chair of the Insurance Leadership Team. She previously served as chief executive of Insurance Global Professional.

In her new role, Lyles is responsible for global broker management and for overseeing country managers to ensure the efficient delivery of insurance products to market.

She outlined a few of her key objectives for 2017.

“We will continue improving service to our clients through global programs by making them more streamlined and efficient,” she said.

“First and foremost, my focus is making sure we grow profitably while still innovating new products and solutions to address evolving client needs.

Advertisement




“Strategically, our top challenge will be staying relevant to clients; listening to their concerns and continually developing solutions to address them. We periodically sit down with groups of our broker partners and clients to hear about what they need or what we can improve.

“The innovation piece is not something the industry has traditionally been good at, but we need to strengthen strategies to grow profitably in the continuing soft market while innovating.”

Other long-term goals include entering into the retail and accident and health markets, improving the carrier’s offerings in global M&A products, and expanding cyber coverage internationally.

“We are one of the top three cyber markets within the U.S., but don’t have much of a presence outside of it,” Lyles said.

“Expanding our cyber coverage abroad is a big focus.”

_______________________________________________________

Stronger Together

122016_01_cs_obrienFrances O’Brien
Division president, North America personal risk services
Chubb

Throughout 2016, Frances O’Brien led the integration of ACE private risk services with its former competitor, Chubb personal insurance, creating a new Chubb high net worth business unit for the U.S. and Canada.

The merger also included the high net worth personal lines insurance portfolio of The Fireman’s Fund Insurance Co., which ACE acquired in 2015. Between the three combined companies, Chubb has more than 500,000 customers, and has settled millions of claims.

“Bringing the three portfolios together [Chubb, ACE and Fireman’s Fund] has given us an unprecedented view of three former competitor books of business and how agents and brokers both placed business with the three companies, as well as the way each company successfully serviced their respective clients,” said O’Brien.

According to a 2012 Barclays report, there has been an increase in investing in tangible property such as fine art, jewelry and real estate. It is estimated that there is $33 billion in untapped premium in the segment — business that Chubb is uniquely positioned to capture.

“Understanding our clients and their lifestyles is at the center of it all,” said O’Brien. “What people passionately collect; the cars they love to drive; whether they travel, where they go and how they get there; if they have teens or college-age children — these and so many other factors can impact the right mix of products and services that can be crafted on a bespoke basis for each client.”

Moving forward through 2017, O’Brien’s team will focus on new technology and solutions to increase value to clients and drive retention, as well as attract more customers into the offices of its agents and brokers.

As other companies enter the space, the challenge will be to understand the market’s increasingly insurance-savvy customers and offer the services they value. That’s where the deep expertise of O’Brien and her team will shine.

_______________________________________________________

Staying the Course

122016_01_cs_robustoDino Robusto
Chairman and CEO
CNA

Among the talent moving from Chubb to CNA count Dino Robusto, who became chairman and CEO of the country’s eighth largest commercial insurance writer in November.

CNA recently added four Chubb alumni as senior vice presidents: Joel Townsend (claims), Kathleen Ellis and Barbara Sandelands (commercial underwriting), and Drew Feldman (marine and equipment breakdown).

And former CEO Thomas Motamed, who retired after eight years at CNA, also worked at Chubb — before its acquisition by ACE.

Robusto joined Chubb in 1986 as a commercial lines underwriter and held a number of leadership positions, ending as executive vice president and president of its commercial and specialty lines. He was also responsible for information technology and innovation.

It will be Robusto’s job to continue CNA’s “strong business risk profile,” according to Standard & Poor’s.

“With about $11 billion in annual gross premiums written, CNA has a market-leading position in some property/casualty lines and positive geographic diversification,” S&P reported in October.

Advertisement




“Enhancing this has been CNA’s solid market presence in specialty P&C insurance and its ability to generate consistently stable operating earnings.”

Because of the magazine’s print schedule, Robusto had not yet joined CNA at press time.

In an interview with A.M. Best earlier this year before he retired, Motamed said he removed “nonperforming businesses and geographies” from the company during his tenure, and entered into a reinsurance agreement to protect against asbestos claims.

He said the company’s strategy shifted to “focus on industry segments, including construction, manufacturing, technology, financial institutions, health care, and others.”

_______________________________________________________

Passionate About the Future

122016_01_cs_thomasMegan Thomas
Chief underwriting officer – Liability Lines
AIG

AIG’s board announced a two-year plan to streamline businesses and reduce expenses by about $1.6 billion at the beginning of 2016. As chief underwriting officer for the casualty business, Megan Thomas is an integral part of the team involved in the development and execution of the strategy to help AIG get there. In 2017, Thomas will focus on transformation, including new product development, identifying new market opportunities and continuing to ensure underwriting best practices are met.

“The responsibility I have as a chief underwriter is to ensure that we have the right strategy in place and we have the right execution of that strategy,” Thomas said. “The results we’ve seen to date have continued to reaffirm the trajectory we are on.

“There will be a continued focus on superior risk selection, which enables us to write sustainable business through the various market cycles, interest rate environments, and the challenging litigation environment that we are faced with in the U.S.,” Thomas said.

Increasingly, she said, she’s using analytics for insights into risk selection and pricing to allow for meaningful partnership with clients.

“We continue to be faced with a litigation environment that has uncertainty associated with it,” Thomas said. “We see increasingly large verdicts, and as an industry we have to deal with those in terms of ensuring that we can provide the appropriate products that are needed, at the appropriate pricing that will enable us to have a continued sustainable business as an industry.”

Thomas also co-leads a diversity and inclusion initiative with Rob Schimek, the CEO of AIG Commercial, to support AIG’s focus on a diverse — including more youthful — workplace.

“I’m pretty passionate about trying to attract people to the industry and starting to foster a culture of innovation by looking at areas and experience that are outside the traditional insurance industry,” Thomas said.

The R&I Editorial Team may be reached at [email protected]

More from Risk & Insurance

More from Risk & Insurance

Cyber Liability

Fresh Worries for Boards of Directors

New cyber security regulations increase exposure for directors and officers at financial institutions.
By: | June 1, 2017 • 6 min read

Boards of directors could face a fresh wave of directors and officers (D&O) claims following the introduction of tough new cybersecurity rules for financial institutions by The New York State Department of Financial Services (DFS).

Advertisement




Prompted by recent high profile cyber attacks on JPMorgan Chase, Sony, Target, and others, the state regulations are the first of their kind and went into effect on March 1.

The new rules require banks, insurers and other financial institutions to establish an enterprise-wide cybersecurity program and adopt a written policy that must be reviewed by the board and approved by a senior officer annually.

The regulation also requires the more than 3,000 financial services firms operating in the state to appoint a chief information security officer to oversee the program, to report possible breaches within 72 hours, and to ensure that third-party vendors meet the new standards.

Companies will have until September 1 to comply with most of the new requirements, and beginning February 15, 2018, they will have to submit an annual certification of compliance.

The responsibility for cybersecurity will now fall squarely on the board and senior management actively overseeing the entity’s overall program. Some experts fear that the D&O insurance market is far from prepared to absorb this risk.

“The new rules could raise compliance risks for financial institutions and, in turn, premiums and loss potential for D&O insurance underwriters,” warned Fitch Ratings in a statement. “If management and directors of financial institutions that experience future cyber incidents are subsequently found to be noncompliant with the New York regulations, then they will be more exposed to litigation that would be covered under professional liability policies.”

D&O Challenge

Judy Selby, managing director in BDO Consulting’s technology advisory services practice, said that while many directors and officers rely on a CISO to deal with cybersecurity, under the new rules the buck stops with the board.

“The common refrain I hear from directors and officers is ‘we have a great IT guy or CIO,’ and while it’s important to have them in place, as the board, they are ultimately responsible for cybersecurity oversight,” she said.

William Kelly, senior vice president, underwriting, Argo Pro

William Kelly, senior vice president, underwriting at Argo Pro, said that unknown cyber threats, untested policy language and developing case laws would all make it more difficult for the D&O market to respond accurately to any such new claims.

“Insurers will need to account for the increased exposures presented by these new regulations and charge appropriately for such added exposure,” he said.

Going forward, said Larry Hamilton, partner at Mayer Brown, D&O underwriters also need to scrutinize a company’s compliance with the regulations.

“To the extent that this risk was not adequately taken into account in the first place in the underwriting of in-force D&O policies, there could be unanticipated additional exposure for the D&O insurers,” he said.

Michelle Lopilato, Hub International’s director of cyber and technology solutions, added that some carriers may offer more coverage, while others may pull back.

“How the markets react will evolve as we see how involved the department becomes in investigating and fining financial institutions for noncompliance and its result on the balance sheet and dividends,” she said.

Christopher Keegan, senior managing director at Beecher Carlson, said that by setting a benchmark, the new rules would make it easier for claimants to make a case that the company had been negligent.

“If stock prices drop, then this makes it easier for class action lawyers to make their cases in D&O situations,” he said. “As a result, D&O carriers may see an uptick in cases against their insureds and an easier path for plaintiffs to show that the company did not meet its duty of care.”

Advertisement




One area that regulators and plaintiffs might seize upon is the certification compliance requirement, according to Rob Yellen, executive vice president, D&O and fiduciary liability product leader, FINEX at Willis Towers Watson.

“A mere inaccuracy in a certification could result in criminal enforcement, in which case it would then become a boardroom issue,” he said.

A big grey area, however, said Shiraz Saeed, national practice leader for cyber risk at Starr Companies, is determining if a violation is a cyber or management liability issue in the first place.

“The complication arises when a company only has D&O coverage, but it doesn’t have a cyber policy and then they have to try and push all the claims down the D&O route, irrespective of their nature,” he said.

“Insurers, on their part, will need to account for the increased exposures presented by these new regulations and charge appropriately for such added exposure.” — William Kelly, senior vice president, underwriting, Argo Pro

Jim McCue, managing director at Aon’s financial services group, said many small and mid-size businesses may struggle to comply with the new rules in time.

“It’s going to be a steep learning curve and a lot of work in terms of preparedness and the implementation of a highly detailed cyber security program, risk assessment and response plan, all by September 2017,” he said.

The new regulation also has the potential to impact third parties including accounting, law, IT and even maintenance and repair firms who have access to a company’s information systems and personal data, said Keegan.

“That can include everyone from IT vendors to the people who maintain the building’s air conditioning,” he said.

New Models

Others have followed New York’s lead, with similar regulations being considered across federal, state and non-governmental regulators.

The National Association of Insurance Commissioners’ Cyber-security Taskforce has proposed an insurance data security model law that establishes exclusive standards for data security and investigation, and notification of a breach of data security for insurance providers.

Once enacted, each state would be free to adopt the new law, however, “our main concern is if regulators in different states start to adopt different standards from each other,” said Alex Hageli, director, personal lines policy at the Property Casualty Insurers Association of America.

“It would only serve to make compliance harder, increase the cost of burden on companies, and at the end of the day it doesn’t really help anybody.”

Advertisement




Richard Morris, partner at law firm Herrick, Feinstein LLP, said companies need to review their current cybersecurity program with their chief technology officer or IT provider.

“Companies should assess whether their current technology budget is adequate and consider what investments will be required in 2017 to keep up with regulatory and market expectations,” he said. “They should also review and assess the adequacy of insurance policies with respect to coverages, deductibles and other limitations.”

Adam Hamm, former NAIC chair and MD of Protiviti’s risk and compliance practice, added: “With New York’s new cyber regulation, this is a sea change from where we were a couple of years ago and it’s soon going to become the new norm for regulating cyber security.” &

Alex Wright is a U.K.-based business journalist, who previously was deputy business editor at The Royal Gazette in Bermuda. You can reach him at [email protected]