Cyber Risk Quantification
October 13, 2023
The Safe House Initiative podcast, hosted by Jeff Edwards and co-hosted by Tawana Johnson, delves into cyber insurance for small to mid-sized businesses. This series builds on previous discussions about incident response flaws, now focusing on the lifecycle of cyber insurance from risk assessment to claims and litigation.
Tawana Johnson, a former litigator and current cyber breach coach at Lewis Brisbois, shares her expertise in handling cyber incidents like ransomware attacks, emphasizing cyber insurance’s role in mitigating damage. A key point is the alarmingly low adoption rate (around 4%) of standalone cyber insurance policies among SMBs, attributed to a lack of understanding or perceived complexity.
Tawana explains her role as a breach coach: supporting clients in crisis, ensuring attorney-client privilege during investigations, and coordinating with insurance carriers, forensic teams, and vendors to navigate legal obligations and recovery.
The upcoming series will cover risk quantification, the role of brokers, underwriting, the claims process, class-action litigation, coverage disputes, and business interruption claims. Tawana highlights the evolving nature of cyber insurance, with carriers now using threat intelligence and penetration testing. She stresses the vital importance of standalone cyber insurance, as standard property and casualty policies often fall short in cyber coverage.
Overall, the episode introduces the complexities of cyber insurance, addressing long-term risks beyond immediate incident response. The goal is to raise awareness, boost adoption, and offer practical guidance for SMBs to better protect themselves from cyber threats.
Highlights:
🔹 Low Adoption: Only ~4% of SMBs have standalone cyber insurance.
🔹Breach Coach Expertise: Tawana Johnson offers unique insights from her legal and breach coaching background.
🔹Privilege & Coordination: Breach coaches are key to maintaining attorney-client privilege and managing incident response.
🔹Risk Quantification: Essential first step before purchasing insurance.
🔹Educated Brokers: Crucial for proper cyber insurance advice.
🔹Comprehensive Series: Covers claims, litigation, and disputes.
🔹Standalone Policies: Provide critical, specialized cyber protections.
Key Insights:
🔹Awareness Gap: Low adoption indicates a lack of understanding and accessibility of cyber insurance.
🔹Breach Coach Role: Provides crucial legal and emotional support, ensuring privileged communication.
🔹Evolving Market: Requires greater due diligence due to sophisticated underwriting (e.g., pen testing).
🔹Broker’s Pivotal Role: Knowledgeable brokers are essential for appropriate policy selection.
🔹Incident Response Coordination: Multi-stakeholder collaboration, often led by a breach coach, is vital.
🔹Litigation Risk: Increasing class action lawsuits and coverage disputes necessitate preparedness.
🔹Standalone Benefits: Offer unique services (breach coaches, negotiation support) beyond financial coverage.
This episode aims to empower businesses with knowledge and strategies for managing and mitigating cyber risks in the digital world.
#CyberInsurance #SMBsecurity #Ransomware #Cybersecurity #BusinessProtection
Tawana Johnson delves into cyber insurance for small to mid-sized businesses, focusing on the lifecycle of cyber insurance from risk assessment to claims and litigation.
Craig Bowman dives deep into the urgent need for a federal cyber enterprise that seamlessly integrates public and private sector efforts to fortify national cybersecurity.
Daron Hartvigsen, a former technical services agent and cyber program manager for the Air Force Office of Special Investigations (OSI) shares his incredible career journey, offering invaluable insights into the evolving world of cybercrime and defense.
Luke Tenery, Partner at StoneTurn and former cybersecurity leader at Kroll, unpacks the human and technical layers of building a federal threat pursuit model.
Jeff Crume and Jeff Edwards discuss how AI is disrupting Cybersecurity and what to expect in the future. Original air date Dec. 29, 2023.
In this thought-provoking episode, Alastair Patterson, CEO and co-founder of Harmonic Security, tackles big questions – Is AI is a friend or a foe? Are companies truly ready for the AI revolution? What is the risk of “shadow AI” in today’s organizations.
