Risk Insider: Ryan McGuinness

Analyzing Gaps in Cyber Risk Coverage

By: | December 8, 2016 • 2 min read
Ryan J, McGuinness, M.Ed., ARM, is the Manager of Risk and Insurance for the Hershey Company. Ryan can be reached at [email protected]

The basic tenet of the risk management profession is reducing, eliminating or transferring risks that could impact an organization’s bottom line, brand and reputation. A part of that process involves identifying gaps in coverage in your organization’s portfolio of insurance.

Gap analysis of traditional lines is somewhat tangible. We are accustomed, dependent upon our industry sector, to being the experts in identifying and managing those risks. Routinely, risk managers employ some form of coverage analysis with the help of their broker(s) as a tool to plug the gap.

The challenge we face is achieving a state of continuous improvement and being prepared with contingencies as risks change and emerge. Ultimately, the risk management portfolio should not only be scalable, but have the flexibility to respond in the world of changing risks.

In today’s world, a major cyber event can take the form of a tangible loss as well as a financial loss.

Today, we see the cyber liability space maturing from an insurable risk standpoint. Underwriters and brokers are offering new, innovative products and have a professional skill-set that ensures underwriting integrity and improved risk control. Likewise, many companies have risen to the challenge to protect their assets and mitigate the cyber exposure in depth and breadth.


From the risk management point of view, business continuity coverage and potential third-party liability coverage gets murky in certain cyber losses. There are endless contingencies, particularly in a dreaded Black Swan scenario.

The importance of table-top exercises attended by the C-suite, CISO, information security, operations, HR, public relations, risk management and external counsel is paramount. You don’t want to find out your crisis management plan doesn’t work during a crisis.

Equally important is determining the interplay of coverage in your cyber, property and umbrella/excess programs. Leverage your broker resources to perform a gap analysis on the interplay between your property, cyber and umbrella programs. The goal is to understand how coverage applies and identifies potential gaps in the event of a cyber loss.

In today’s world, a major cyber event can take the form of a tangible loss as well as a financial loss. It’s possible that a cyber event can result in not only loss of data but also first- and third-party property damage and bodily injuries.

Taken further, a property loss involving business interruption can complicate how your program will respond as you work through getting your operations back up and running. A side-by-side exercise using multiple breach scenarios will help the risk manager understand how the policies work and importantly identify gaps and overlap in coverage.

Some key areas of interplay of coverage are physical damage to tangible assets and data restoration costs, business interruption and contingent business interruption.

You should understand how the waiting period applies between programs, how business interruption is calculated and what costs are covered to restore or recreate lost data among other things. Playing out these scenarios help to reduce the uncertainty of how policies respond, and how the loss impacts your bottom line before the crisis strikes.

Be prepared, understand the interplay between programs and work with your broker partners to fill the gaps in coverage.

More from Risk & Insurance

More from Risk & Insurance

Risk Management

The Profession

After 20 years in the business, Navy Pier’s Director of Risk Management values her relationships in the industry more than ever.
By: | June 1, 2017 • 4 min read

R&I: What was your first job?

Working at Dominick’s Finer Foods bagging groceries. Shortly after I was hired, I was promoted to [cashier] and then to a management position. It taught me great responsibility and it helped me develop the leadership skills I still carry today.

R&I: How did you come to work in risk management?

While working for Hyatt Regency McCormick Place Hotel, one of my responsibilities was to oversee the administration of claims. This led to a business relationship with the director of risk management of the organization who actually owned the property. Ultimately, a position became available in her department and the rest is history.

R&I: What is the risk management community doing right?


The risk management community is doing a phenomenal job in professional development and creating great opportunities for risk managers to network. The development of relationships in this industry is vitally important and by providing opportunities for risk managers to come together and speak about their experiences and challenges is what enables many of us to be able to do our jobs even more effectively.

R&I: What could the risk management community be doing a better job of?

Attracting, educating and retaining young talent. There is this preconceived notion that the insurance industry and risk management are boring and there could be nothing further from the truth.

R&I: What’s been the biggest change in the risk management and insurance industry since you’ve been in it?

In my 20 years in the industry, the biggest change in risk management and the insurance industry are the various types of risk we look to insure against. Many risks that exist today were not even on our radar 20 years ago.

Gina Kirchner, director of risk management, Navy Pier Inc.

R&I: What insurance carrier do you have the highest opinion of?

FM Global. They have been our property carrier for a great number of years and in my opinion are the best in the business.

R&I: Are you optimistic about the US economy or pessimistic and why?

I am optimistic that policies will be put in place with the new administration that will be good for the economy and business.

R&I: What emerging commercial risk most concerns you?


The commercial risks that are of most concern to me are cyber risks, business interruption, and any form of a health epidemic on a global scale. We are dealing with new exposures and new risks that we are truly not ready for.

R&I: Who is your mentor and why?

My mother has played a significant role in shaping my ideals and values. She truly instilled a very strong work ethic in me. However, there are many men and women in business who have mentored me and have had a significant impact on me and my career as well.

R&I: What have you accomplished that you are proudest of?

I am most proud of making the decision a couple of years ago to return to school and obtain my [MBA]. It took a lot of prayer, dedication and determination to accomplish this while still working a full time job, being involved in my church, studying abroad and maintaining a household.

R&I: What is your favorite book or movie?

“Heaven Is For Real” by Todd Burpo and Lynn Vincent. I loved the book and the movie.

R&I: What’s the best restaurant you’ve ever eaten at?


A French restaurant in Paris, France named Les Noces de Jeannette Restaurant à Paris. It was the most amazing food and brings back such great memories.

R&I: What is the most unusual/interesting place you have ever visited?

Israel. My husband and I just returned a few days ago and spent time in Jerusalem, Nazareth, Jericho and Jordan. It was an absolutely amazing experience. We did everything from riding camels to taking boat rides on the Sea of Galilee to attending concerts sitting on the Temple steps. The trip was absolutely life changing.

R&I: What is the riskiest activity you ever engaged in?

Many, many years ago … I went parasailing in the Caribbean. I had a great experience and didn’t think about the risk at the time because I was young, single and free. Looking back, I don’t know that I would make the same decision today.

R&I: What about this work do you find the most fulfilling or rewarding?

I would have to say the relationships and partnerships I have developed with insurance carriers, brokers and other professionals in the industry. To have wonderful working relationships with such a vast array of talented individuals who are so knowledgeable and to have some of those relationships develop into true friendships is very rewarding.

R&I: What do your friends and family think you do?

My friends and family have a general idea that my position involves claims and insurance. However, I don’t think they fully understand the magnitude of my responsibilities and the direct impact it has on my organization, which experiences more than 9 million visitors a year.

Katie Siegel is a staff writer at Risk & Insurance®. She can be reached at [email protected]