Time
48 minutes
Difficulty
Advanced
CEU/CPE
1

Video Description

This lesson covers the underwriting process and the considerations surrounding it. When underwriting, take into the following factors into account: 1. Determine the hazard grade 2. Review controls in place 3. Consider discretionary factors 4. Evaluate individual risk exposure 5. Understand he limits needed to address the exposures

Video Transcription

00:04
Okay, So now we're getting ready to wrap up this session. Our last topic will be focusing on cyber security insurance underwriting. So how exactly does an insurance underwriter assess your risk in a sign of premium?
00:18
Well,
00:19
first, they need to determine that hazard grade. An example of this might be what type of information are you processing?
00:26
And are you
00:28
in a business vertical that historically
00:31
has higher averages of a breach such as recently with health care or baking your finance review The controls that are in place.
00:39
Do you have a firewall? You have I D. S. Do you have policies and procedures? Things like that consider discretionary factors. An example of this would be, let's say, compensating controls evaluate the company's individual risk exposure
00:54
and then a sign of dollar value
00:57
that allows them to understand what the limits are needed to address those very same
01:02
exposures.
01:03
Remember service Lights ago,
01:04
we were exploring a cost benefit analysis for potentially outsourcing a variety of internal job requirements to a mansion security service provider and one of things that we were looking at our other factors to consider such a CZ. The costs of instant response
01:22
legal defense breach notification and credit monitoring.
01:26
And I had asked the question
01:26
And do you have cyber insurance? And if you don't, how do you plan paying for that? It's important for you to understand
01:34
that statistically,
01:36
the largest percentage of your policy
01:40
is utilized for incident response and disaster recovery to the tune of over 80%. So if you have a $1,000,000 policy
01:49
and you think that you're covered, taking a consideration that about $800,000
01:55
will be burned
01:57
for the cost of instant response and disaster recovery,
02:00
which is great because that's money out of the insurance company's pocket and not yours. So that is a definite plus.
02:07
However, that only leaves you about $200,000 left to deal with breach notifications or potentially credit monitoring,
02:16
and doesn't even begin to scratch the surface on what your potential costs for legal defense might be.
02:23
Through the course of this session, we have covered a lot of ground.
02:27
My sincerest hope is that our time together has exposed you to some new concepts that will help you with your professional growth and development. As a separate professional

Corporate Cybersecurity Management

Cyber risk, legal considerations and insurance are often overlooked by businesses and this sets them up for major financial devastation should an incident occur.

Instructed By

Instructor Profile Image
Carter Schoenberg
Executive VP of IPKeys Power Partners
Instructor