Newsletters
Risk Central
Digital EditionRising Star Sulim Bartok Discusses Cyber Liability Dynamics in the Public Sector
Come see the Stars! As part of our ongoing coverage of the best brokers in the commercial insurance space, Risk & Insurance®, with the sponsorship of Philadelphia Insurance, is expanding its coverage of the Rising Stars, those brokers who represent the next wave of insurance brokering talent.
Look for these expanded profiles on the Risk & Insurance website and in your social media feeds now and continuing into 2023.
Here’s our conversation with Sulim Bartok, area vice president at Gallagher, and a 2022 Public Sector Power Broker Winner.
Risk & Insurance: How did you become a specialist in cyber liability for the public sector?
Sulim Bartok: Cyber liability has become one of the pre-eminent threats to my public entity clients.
As they have become high frequency and severity targets of cyberattacks over the years, I have become more adept at dealing with the problem, understanding the coverage and recommending solutions that can improve their risk profile.
I try to stay up to date with market trends, to see what’s going on in the industry and to deepen my industry knowledge by reading various articles about breaches that have occurred and how they could have been prevented.
I also work closely with my larger cyber carrier partners, touching base with them on a monthly basis to see if their risk appetite has changed and what controls they are looking for, and then [I] pass that information on to my clients.
R&I: What are the biggest cyber liability challenges currently facing the public sector?
SB: The public entity sector, like many others, is constantly strapped for money. There are budgetary constraints that most, if not all, public entities have to deal with, so it’s a matter of finding the dollars within their budget to invest in proper controls and IT infrastructure that will mitigate the risk of them being breached or attacked.
Until a few years ago, cyber had never been talked about, and now, all of a sudden, they have to invest large amounts of money into making sure they have a host of new controls in place, such as multi-factor authentication, an endpoint detection response tool, an incident response plan and encrypted back-ups.
All of these things that they didn’t need to think about before are now at the forefront of their minds, and they cost a lot of money to implement.
The other big problem is dealing with the human element of loss, so ensuring that employees are properly trained on what to look for and how to prevent a breach occurring in the first place, as well as what to do should one occur.
R&I: How do you innovate to secure your clients the best solution with respect to coverage, terms and limits, while ensuring there are no gaps?
SB: Right now, it’s a unique time in the cyber marketplace. We have had a hard market for the best part of three years now, but that has started to soften a bit over the past six or so months — which is good news for clients.
But it still means that it’s imperative to carry out a full marketing effort on an annual basis as carriers’ risk appetites are changing almost on a monthly basis.
By doing marketing due diligence, I can ensure my clients are consistently getting the best deal available with regard to both coverage and cost.
R&I: What have been some of the biggest cyber incidents your clients have been affected by and how did you help them through it?
SB: Thankfully, I haven’t had to deal with that many really big claims, but that’s not to say there haven’t been any.
One of my clients was breached by a social engineering scam where a contractor they had been working with for years purportedly sent them an invoice asking them to wire money for services performed to a bank account. At first glance, the email and invoice appeared to be genuine, so they went ahead and made the payment.
But it wasn’t until a couple of months later that they discovered the money had never reached the contractor’s account.
The cyber criminal who had posed as the contractor had been able to get hold of the contractor’s information and make it seem like the request had come from them. As a result, my client was out of pocket by almost six figures, but as soon as they found out what had happened, they contacted me, and I put their carrier on notice and reported the claim.
A breach response coach from the carrier then talked them through the process and gave them advice on what they needed to do to secure their system. I also managed to recoup some of the money from the bank, and the balance of the loss was paid by the carrier.
Over the next few months, I will work with my client to make sure they are able to tell their story to the marketplace and to reassure the carriers that the same type of incident won’t happen again because of the measures they have put in place.
R&I: As cyberattacks continue to increase in frequency and severity, what advice would you give insureds to both protect themselves and ensure they are presenting their risk in the best possible light?
SB: Clients need to invest in both themselves and their people.
If they have a reserve fund within their budget, they can pull money from that and invest it in their IT infrastructure and controls and training employees, whether that’s on phishing or social engineering scams to look out for in order to mitigate their exposure and likelihood of being breached.
Also, by having a robust incident response plan in place, their employees can follow a road map to know what steps they need to take.
If they don’t have one, carriers and brokers have the resources to help them develop one, and [if] they do have one, they can help them to review it and update it with recommendations. &
