Cyber Risk

Academy Advises Brokers on Cyber Risk

The Travelers Cyber Academy offers free training for brokers that work with small and mid-sized clients, where risk is on the rise.
By: | October 7, 2016 • 4 min read

Travelers has launched a project to help agents and brokers to provide more thorough cyber advice for small and medium enterprises, where the risk of attack is on the rise.

Advertisement




The Travelers Cyber Academy offers free training for brokers and agents, while opening the possibility for buyers to participate as well, under invitation from their insurance partners.

The project is composed of eight webinars where both in-house experts and cyber security aces from outside the insurance industry strive to explain, in an accessible way, the pitfalls of the cyber world and how SMEs should deal with them.

“Customers are asking questions, and many agents have some degree of understanding and expertise, but they would like to have some more,” said Tim Francis, enterprise cyber lead at Travelers.

Tens of thousands of invitations were sent for the first lesson in September, and the response by the targeted public has been more enthusiastic than to previous educational initiatives, the company said.

Drawing from data by Symantec, Travelers points out that small companies account for 43 percent of all cyber attacks against business, and for 22 percent of attacks against mid-sized enterprises.

Cyber risks rank in the top five risks feared by American SMEs, according to a survey by Zurich Insurance Group.

Tim Francis, enterprise cyber lead, Travelers

Tim Francis, enterprise cyber lead, Travelers

Francis said that, although the understanding of cyber risks by large brokers and corporations has progressed considerably in recent years, expertise about the subject among smaller brokers and their clients remains a work in progress.

“As the cyber industry has grown, many of the agents that service clients with cyber coverages are sometimes a little behind in terms of understanding exposures and translating them to their customers,” he said.

Contacts with agents and customers alike revealed that the appetite for knowledge in this particular area is increasing. However, the educational material currently available often falls short of the needs of this particular public.

Francis mentions the example of ransomware, the subject of the second webinar offered by the Travelers Cyber Academy. It’s an emerging threat where hackers paralyze a business by locking its IT systems until a ransom is paid, but while the wealth of literature on the subject thrills the IT community, it more often than not sounds like Greek to everyone else.

“There is no shortage of whitepapers on the topic of ransomware. But they are either very technical or so high level that they do not deliver much information for customers,” Francis said.

“We feel that we can help to provide deeper understanding about such a topic, without the need for being a cyber security expert in order to understand what is talked about.”

The series of webinars runs from September to May, and Travelers expects to offer it again in subsequent years, first in the U.S. alone, but maybe in other countries as well in the future. If a participant misses a section, it can be watched later as the webinars will be kept available online for registered users.

Agents will also be able to introduce the training sessions to customers with particular interests in the area.

“All businesses are today in the line of fire.” — Vinny Troia, certified ethical hacker

The initiative was launched with a session on the so-called dark web, an obscure side of the internet where hackers and criminals enjoy high levels of anonymity to pursue their bad deeds. With succinct explanations and infographics, the session tackles complex materials such as the workings of TOR, the browser developed by the U.S. military that is used to keep dark web activities out of the reach of the authorities.

Vinny Troia, a certified ethical hacker, described ransomware in the video as “a business to ruin your business.”

He provides tips such as how to train employees to avoid spear phishing attacks.

“All businesses are today in the line of fire,” Troia said in the video.

In forthcoming webinars, other invited speakers will elaborate on subjects like the forensics of cyber risks, the legal cyber environment, data breaches and so on.

Advertisement




“We are also adding our own expert input, not only from our underwriting team, but also from a member of the teams that support and service claims and underwriting,” Francis said. Travelers’ cyber team includes professionals with different backgrounds such as law enforcement, FBI forensic investigations and cyber security.

He pointed out that a challenge for the project will be to keep up with developments in a field where the risk is evolving at a thunderous pace.

“We can modify the curriculum to accommodate events or issues that we have not anticipated,” Francis said.  “In the world of cyber security, things change so fast that a presentation made today could become obsolete very soon, or a new issue could be on top of everybody’s minds a month from now.”

Rodrigo Amaral is a freelance writer specializing in Latin American and European risk management and insurance markets. He can be reached at [email protected]

2018 Most Dangerous Emerging Risks

Emerging Multipliers

It’s not that these risks are new; it’s that they’re coming at you at a volume and rate you never imagined before.
By: | April 9, 2018 • 3 min read

Underwriters have plenty to worry about, but there is one word that perhaps rattles them more than any other word. That word is aggregation.

Advertisement




Aggregation, in the transferred or covered risk usage, represents the multiplying potential of a risk. For examples, we can look back to the asbestos claims that did so much damage to Lloyds’ of London names and syndicates in the mid-1990s.

More recently, underwriters expressed fears about the aggregation of risk from lawsuits by football players at various levels of the sport. Players, from Pee Wee on up to the NFL, claim to have suffered irreversible brain damage from hits to the head.

That risk scenario has yet to fully play out — it will be decades in doing so — but it is already producing claims in the billions.

This year’s edition of our national-award winning coverage of the Most Dangerous Emerging Risks focuses on risks that have always existed. The emergent — and more dangerous — piece to the puzzle is that these risks are now super-charged with risk multipliers.

Take reputational risk, for example. Businesses and individuals that were sharply managed have always protected their reputations fiercely. In days past, a lapse in ethics or morals could be extremely damaging to one’s reputation, but it might take days, weeks, even years of work by newspaper reporters, idle gossips or political enemies to dig it out and make it public.

Brand new technologies, brand new commercial covers. It all works well; until it doesn’t.

These days, the speed at which Internet connectedness and social media can spread information makes reputational risk an existential threat. Information that can stop a glittering career dead in its tracks can be shared by millions with a casual, thoughtless tap or swipe on their smartphones.

Aggregation of uninsured risk is another area of focus of our Most Dangerous Emerging Risks (MDER) coverage.

The beauty of the insurance model is that the business expands to cover personal and commercial risks as the world expands. The more cars on the planet, the more car insurance to sell.

The more people, the more life insurance. Brand new technologies, brand new commercial covers. It all works well; until it doesn’t.

As Risk & Insurance® associate editor Michelle Kerr and her sources point out, growing populations and rising property values, combined with an increase in high-severity catastrophes, threaten to push the insurance coverage gap to critical levels.

This aggregation of uninsured value got a recent proof in CAT-filled 2017. The global tally for natural disaster losses in 2017 was $330 billion; 60 percent of it was uninsured.

Advertisement




This uninsured gap threatens to place unsustainable pressure on public resources and hamstring society’s ability to respond to natural disasters, which show no sign of slowing down or tempering.

A related threat, the combination of a failing infrastructure and increasing storm severity, marks our third MDER. This MDER looks at the largely uninsurable risk of business interruption that results not from damage to your property or your suppliers’ property, but to publicly maintained infrastructure that provides ingress and egress to your property. It’s a danger coming into shape more and more frequently.

As always, our goal in writing about these threats is not to engage in fear mongering. It’s to initiate and expand a dialogue that can hopefully result in better planning and mitigation, saving the lives and limbs of businesses here and around the world.

2018 Most Dangerous Emerging Risks

Critical Coverage Gap

Growing populations and rising property values, combined with an increase in high-severity catastrophes, are pushing the insurance protection gap to a critical level.

Climate Change as a Business Interruption Multiplier

Crumbling roads and bridges isolate companies and trigger business interruption losses.

 

Reputation’s Existential Threat

Social media — the very tool used to connect people in an instant — can threaten a business’s reputation just as quickly.

 

AI as a Risk Multiplier

AI has potential, but it comes with risks. Mitigating these risks helps insurers and insureds alike, enabling advances in almost every field.

 

Dan Reynolds is editor-in-chief of Risk & Insurance. He can be reached at [email protected]