Security Controls Cyber Insurers Are Looking for These DaysTwo Experts Discuss Cyber Insurance's Impact on Cybersecurity Posture of Companies
Most people would assume that ransomware tops the list of cyber insurance claims. Not so these days. Most claims are originating from third-party attacks, said Peter Hedberg, vice president of cyber underwriting at Corvus Insurance, and Christopher J. Seusing, partner and team lead of the cybersecurity and data privacy practice group at law firm Wood Smith Henning & Berman.
"Two or three years ago, if you had asked me that question, ransomware was just ravaging a lot of businesses in America. Right now, I am personally seeing a little less on ransomware and more on the third party," Hedberg said.
"For third-party claims, there is a shift in liability now," Seusing said. "We're seeing a client who's been attacked by a ransomware attack now try to shift that liability to their IT provider or to some other third-party vendor - somebody in the supply chain where they can try to push off those costs of the response."
In this video interview with Information Security Media Group at RSA Conference 2023, Hedberg and Seusing discuss:
- Why both privacy and cybersecurity should be top priorities for organizations;
- Coverage limitations and legal considerations for nation-state attacks;
- Cybersecurity controls that cyber insurance firms are looking for in exchange for coverage.
Hedberg specializes in cyber and tech E&O. Entrusted with leading a world-class underwriting organization, he leverages predictive data-driven insights to provide superior risk selection, accelerated decision-making and IT security recommendations.
Seusing is managing partner of WSHB's Boston and Connecticut offices. He also leads the firm's national cybersecurity and data privacy team. Seusing has more than 15 years of collective experience in the areas of cyber, professional and management liability.