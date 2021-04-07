InSecurity Podcast: Stanton Gatewood and Jeffrey Smith Discuss Whether Cyber Insurance is Really a Thing





This episode is about cybersecurity insurance. We'll discuss what it means to have it, what it means to need it, and whether it is even a real thing. Don't worry, we're not going to spend the episode selling insurance to you. But we feel it's important to do a show about it, because the truth is even people with decades of experience in either cybersecurity or insurance were quite resistant - until quite recently - to the idea of combining the two. That's the case, with our guests today, who were skeptical about cybersecurity insurance but are now full supporters. If you want to learn more about how cyber insurance can be to your benefit, you'll want to give the episode a listen. Stanton Gatewood is an experienced and successful cybersecurity professional and information technology leader, with more than 35 years of experience in Federal, State, and local government, higher education, and the public sector. Jeffrey Smith founded Cyber Risk Underwriters to simplify the access to cyber insurance and cyber warranty products via a network of insurance agents, cyber security vendors and infosec investors. This episode starts with a frank discussion on how the Covid-19 pandemic continues to reconfigure an industry that was already highly dynamic. We'll explore this transformation in reference to some key statistics:

68% of business leaders feel their cybersecurity risks are growing YOY

Only 5% of internal company folders are properly protected

78% of companies are now investing in AI-based security programs to help protect their data

71% of breaches were financially motivated, and 25% were motivated by espionage

The global cybersecurity insurance market size was $3.89 billion in 2017, but is also expected to grow to $23.07 billion by 2025

In response to this expanded threat landscape, Gatewood and Smith argue that effective cybersecurity now relies on insurance coverage. They explain the difficulties that face the insurance industry when trying to come up with a business model that would cover hacking and data breaches and describe the development of the industry. They then take us through a list of key questions that organizations should ask themselves when considering cyber insurance, including:

Before applying for cyber insurance, what kind of preparation can produce the outcomes you need?

What are underwriters looking for when they evaluate and calculate cyber insurance premiums?

What changes and technologies can an organization implement to lower those costs? Our guests point out that, just like personal life insurance, the preparations and choices you make before and during the underwriting process will lead to vastly different outcomes in the cost of your premiums. This week's episode will be invaluable for cybersecurity engineers intrigued by the idea of cyber insurance, as well as risk managers who want to learn the best cybersecurity practices to follow. As on every InSecurity podcast, our goal is to connect otherwise distant experts, and to see what we can each gain from an open discussion.



Stanton Gatewood is an experienced and successful cybersecurity professional and information technology leader, with more than 35 years of experience in Federal, State, and local government, higher education, and the public sector. Jeffrey Smith founded Cyber Risk Underwriters to simplify the access to cyber insurance and cyber warranty products via a network of insurance agents, cyber security vendors and infosec investors.

