Carrier Management
Run Time: 31:28

EP. 28: Looking in the Rearview Mirror: Cyber Lessons Learned from 2021

1 Star2 Stars (+2 rating, 1 votes)


Embed Video

Use the below code to add this video to your website.

The year is coming to an end and cyber insurers as well as their clients may be reflecting on lessons learned from this year’s biggest threats. However, Kurt Suhs, founder and CEO of cyber risk company Cyber Special Ops, says moving forward in the current threat landscape is an ongoing challenge.

“The thing about cyber is we want to get organizations on the road, but you will never get to your destination because the technology, the litigation, the threat landscape is changing so quickly that by the time you were actually even to model a threat landscape, you're already going to be examining and looking at things from the rearview mirror,” he says. “So that's the challenge, and that's where I think organizations just need to get on that road, on that path, and move forward.”

Ransomware attacks have continued growing in scale and complexity this year as they affected businesses, hospitals, schools, local governments, critical infrastructure and even insurance companies' own operations, and experts on this podcast episode say this cyber threat landscape will likely continue in the new year.

“I think certainly the lesson learned is that cyber attacks and the ransom malware that's hitting so many organizations will look at your organization regardless of how large you are, what type of business you're in and where you are geographically,” Suhs says. “So it just continues to get worse every day, and I think it will continue to do so in both frequency and severity.”

As cyber incidents become more and more unavoidable for many organizations, Vishaal Hariprasad, who goes by V8 and is the CEO of Resilience Cyber Insurance Solutions, warns that organizations need to begin planning for incidents early.
“Get more proactive,” he says.

Suhs agrees.

“People like to say it's not if, but when,” he says. “I like to say it's not if, it's not when, but it's how large.”

This means that insurers have an important job of educating clients and helping them to reduce their vulnerabilities to avoid getting exploited, Hariprasad says.

“Our companies, our clients, don't have the specialty and time and resources to become cyber experts themselves,” he says. “The insurance world, I believe in all realms, including cyber, does a great job of clarifying what are the key items of risk that they need to address in providing the loss control and risk engineering guidance so that it's actionable, and then providing the appropriate financial incentives, in the form of risk transfer, to incentivize the clients to adopt it.”

The key takeaway for cyber insurers and clients alike in 2022, although not necessarily hopeful, is an important one, Hariprasad adds.

“The key takeaway is the vulnerabilities will always be exploited,” he says. “It's a continuous effort, not just a one-off where you block it and you're done. Cyber's going to always be a continuous cat and mouse game.”

Check out the rest of this episode to find out what else V8 and Kurt had to say, and be sure to check back for The Insuring Cyber Podcast’s first episode of 2022, publishing on Wednesday, January 19th. Thanks for listening.

Other videos you might like: