Cyber Risk Quantification
October 13, 2023
And that’s a wrap on our Cyber Insurance Summer Series! 🎬
In this must-watch conclusion, series co-host Tawana Johnson joins Jeff Edwards to distill the biggest lessons, surprising insights, and actionable advice from our expert guests.
If you’re a small to mid-size business owner trying to navigate the complexities of cyber insurance, this episode ties everything together. Tawana walks us through the entire lifecycle—from quantifying risk and applying for a policy to handling a claim and dealing with potential litigation. Find out the key themes that every single expert agreed on and the concrete steps you can take today to protect your business.
Key Takeaways from the Series
Throughout the series, our experts consistently highlighted several crucial themes:
🔑 Know Your Data: Understanding what data you have and where it’s stored is the foundation of your entire security and insurance strategy.
🤝 A Good Broker is Essential: An educated broker is your guide through the application, risk quantification, and claims process.
⏰ Timely Notification is Critical: Report incidents to your broker and insurance carrier immediately to ensure coverage.
⚖️ An Emerging Area of Law: There isn’t much case law for cyber claims, making settlements common and expert guidance vital.
🎯 “It’s Not If, But When”: Every organization, regardless of size, is a target.
Top 4 Action Items You Can Do Today
Want to improve your cybersecurity posture right now? Our guests recommend focusing on these four things:
Know Your Data: Identify and classify all the data you handle.
Enable Multi-Factor Authentication (MFA): Enforce it for every user on every application.
Maintain Good Backups: Ensure you are backing up frequently and that your backups are secure. This is your best defense against paying a ransom.
Have an Incident Response Plan: Create a plan and have a team in place before an incident occurs. Important: Keep a printed copy offline!
About The Safe House
The Safe House podcast is brought to you by The Safe House Initiative. We’re dedicated to providing insights and practical advice to help organizations become more secure and resilient.
Connect with us:
📧 Email: info@safehouseinitiative.org
💻 Website: https://safehouseinitiative.org
Thanks for joining us! Remember to be safe, be resilient, and be kind.
#CyberInsurance #SmallBusiness #Cybersecurity #RiskManagement #DataBreach #IncidentResponse
Federal cybersecurity responsibility has shifted to the states. What happens next?
In this episode of The SafeHouse Podcast, Jeff Edwards welcomes James Saunders, Chief Information Security Officer for the State of Maryland, for a deep conversation on state-level cybersecurity, resilience, and leadership.
James walks through his path from early technical support roles to federal cybersecurity leadership and now to protecting Maryland’s digital ecosystem. He explains Maryland’s IT Master Plan, the state’s five-pillar cybersecurity strategy, and how partnerships, talent, and resilience come together in practice.
This episode offers a behind-the-scenes look at how cybersecurity decisions are made at scale, how states collaborate with one another, and why taking care of people matters as much as taking care of systems.
Kirsten Bay, CEO and co-founder of Cysurance, explains why warranties are becoming a critical layer in cyber risk management. Bay explains how AI-driven cyber certification can help organizations predict where risk is most likely to surface, prevent disruption before it becomes a claim, and protect both insureds and carriers by creating clear, defensible signals of cyber maturity.
Ryan Ettridge, CEO of CyberCert, tackles a problem many organizations struggle with – cybersecurity frameworks that look good on paper but feel overwhelming or unusable in practice.
Ryan explains how AI-driven cyber certification can help organizations predict where risk is most likely to surface, prevent disruption before it becomes a claim, and protect both insureds and carriers by creating clear, defensible signals of cyber maturity.
Chart a clear path from path from compliance to real-world readiness with fundamentals covered in this episode.
Charlotte Hooper, Co-Founder and Head of Operations at The Cyber Helpline, shares how a deeply personal experience with cyberstalking led her from policing into building one of the most practical cyber victim support models in operation today.
Keith Gologorsky, Head of Public Sector at Hack the Box, shares his personal journey from computer science graduate to government analyst, recounting pivotal moments in military operations, threat analysis, and international collaboration. The discussion explores the limitations of traditional certifications, the importance of hands-on training, and the need for regularly updated, gamified learning experiences. Keith also addresses the cybersecurity skills gap, the evolving role of AI, and offers actionable advice for organizations of all sizes: prioritize cross-training and real-world practice to build resilient teams.
Sarah Flukes, CTO at Admeritia, explains cyber decision diagrams that capture how OT/ICS environments actually operate. This podcast covers origins in water utilities, why function modeling beats asset lists, cognitive effectiveness, and how these diagrams power risk assessments, incident response, and security-by-design.
