Black Hat 2019: Cyber Insurance Joins the Security Conversation
Although cyber insurance is still a small market, rising threat scenarios -- and rising damages from data breaches -- are fueling interest in the topic at the upcoming Black Hat 2019.
July 22, 2019
Jake Kouns has been trying for years to get Black Hat organizers to pay attention to cyber insurance. As the CISO for Risk Based Security, he has proposed talks on the subject multiple times, only to be rejected. This year, the organizers had a change of heart. Not only was his talk accepted, but the topic of cyber insurance is the focus of a micro session (multiple talks) at the annual event, held this year on August 7th and 8th in Las Vegas.
“The uptick on policies continues, and people are finally more open to having this conversation,” said Kouns. “Now people are asking questions and wanting to know more about what is going on with cyber insurance.”
Cyber insurance, also known as cyber risk insurance, is still a small market. PWC estimates only about 30 percent of companies have cyber risk insurance or cyber liability insurance coverage. But the market appears poised for growth. In 2017, 170 U.S. insurers reported writing cyber insurance, up from 140 in 2016 and 119 in 2015, according to the U.S. Cyber Market Update report from Aon. And in a recent report, PWC noted cyber insurance has huge potential. The firm estimates that annual gross written premiums are set to grow from around $2.5 billion today to reach $7.5 billion by the end of the decade.
Before growth can really take off, Kouns believes it will be critical to clear up a vast amount of misunderstanding and misconception about the product among security professionals.