Insurance taskforce seeks federal backstop for catastrophic cyber loss

Insurance taskforce seeks federal backstop for catastrophic cyber loss | Insurance Business

Insurance taskforce seeks federal backstop for catastrophic cyber loss

The cyber insurance industry has grown exponentially in the past decade. As more and more businesses – of all sizes and in every sector – purchase cyber policies, the cyber insurance industry gains stronger and more actionable data insights.

One group trying to turn these insights into action is the Insurance Industry Cybercrime Task Force (IICTF), a specialized think tank sponsored by NetDiligence. The IICTF was formed in 2018 to help cyber insurers share their valuable underwriting and claims experience with law enforcement, legislators, and business leaders in order to boost national efforts to stop cybercrime.

Read next: The Ferrari of cybersecurity is no good without a driver

The mission of the IICTF is to collect, organize and report on cybercrime activity; publish a biannual briefing on cybercrime trends; present findings to a range of audiences including law enforcement, legislators and business leaders via conferences and industry meetings; and advocate for cybersecurity best practices – all from the vantage point of the cyber risk insurance industry.

“It all started at the NetDiligence Cyber Liability Conference in Santa Monica in October 2017,” said Jeremy Barnett (pictured below), senior vice president of marketing at NAS Insurance, and founding member of the IICTF. “During that conference, I raised the mantel of saying: ‘We can’t just sit here and talk about addressing cyber incidents. Our job as an industry is to help fight cybercrime, so what are we doing?

“Out of that, we formed a cybercrime taskforce with the aim of pooling our knowledge and experience and sharing it with law enforcement, legislators, and business leaders. We see cybercrime every day. We have people on the ground dealing with claims day-in and day-out, and we have lots of visibility into this stuff. We want to share what we’re seeing so that we can help influence policy.”

The IICTF will publish a bi-annual report on cybercrime trends observed within the insurance arena and will present its findings to a range of audiences via conferences and industry meetings. Its first report, The Cybercrime Explosion, was launched during the NetDiligence Cyber Risk Summit in Philadelphia in June.

Read more: Lloyd’s calls for insurance policies to be explicit over cyber coverage

The second step, after publishing these reports, is to influence national policy, explained Barnett. He told Insurance Business: “The cyber insurance community is full of people who are willing to collaborate and share – but that communication and collaboration doesn’t necessarily drive towards a common goal. The idea of the IICTF is to say: ‘Let’s continue to collaborate and to network, but let’s give it some direction. Let’s take this energy and channel it into something tangible.

“As a taskforce, we’re going to continue to have ad hoc committee meetings and discussions, and then eventually we want to appeal to Congress to develop something similar to a federal backstop for catastrophic cyber loss. None of us, as individual insurance carriers or as multiple insurance carriers, should have to bear the burden of a large catastrophic loss as a result of a cybercrime incident. As such, we want to appeal to Washington as a unified group and we want to help policymakers build some form of national infrastructure to protect against cybersecurity threats.”

Current members of the IICTF include: Jeremy Barnett, NAS Insurance; Tony Dolce, Chubb; Robert Jones, AIG; Brian Robb, CNA; Jennifer Coughlin and Ed Finn, Mullen Coughlin; Sean Hoar, Lewis Brisbois; Winston Krone and Shawn Melito, Kivu; Doug Howard, RSA; Phil Rosace, Guidewire; and Vinny Sakore and Heather Osborne, NetDiligence.