Association of Bermuda Insurers and Reinsurers
John Huff, CEO of the Association of Bermuda Insurers and Reinsurers, explains that Bermuda is leading the defence against cyber risk and why the International Cyber Risk Management Conference is an important asset in that fight
Cyber risk is quickly evolving into one of the most dangerous challenges that businesses face, as global connectivity grows and the attack surface widens.
The ‘cybercrime epidemic’ is, according to the Cybersecurity Ventures 2017 Crime Report, the greatest threat to every company globally and could cost the world $6 trillion annually by 2021. The insurance market is evolving to help companies protect against the threat and Aon Insight suggests that cyber insurance premiums will experience the most rapid growth of any insurance product premiums by 2021.
As a world leader in insurance, Bermuda and it’s global insurance market is not shying away from that challenge and between the 6 and 7 of December this year, the island will bring together some of the industry leaders on cyber risk for the International Cyber Risk Management Conference (ICRMC).
Captive Insurance Times spoke to John Huff, CEO of the Association of Bermuda Insurers and Reinsurers and a speaker at the conference, about cyber risk and the conference itself.
Have you seen a growth in the relevance of cyber risk since you took your current role at the association?
Absolutely. I just started as CEO of the Association of Bermuda Insurers and Reinsurers in January of this year. I previously served as a state insurance regulator in Missouri, and was president of the US National Association of Insurance Commissioners. Cyber risk is fast becoming one of the most complex and challenging situations for individuals and businesses worldwide and Bermuda’s global insurance market is leading the way.
What current and emerging cyber risk trends have you identified in 2018?
Enterprises of all sizes are assessing their appetite for retaining cyber risk. It’s not just the large organisations. Likewise, insurers and reinsurers are assessing where they want to be in taking on cyber risk, including taking stock of any ‘silent’ cyber exposures and stress testing these scenarios.
Insurers are really stepping up to add value when policyholders are facing network security and data privacy events. Building and immediately deploying a network of reliable partners to respond quickly and efficiently to events can be crucial to containing losses and preserving reputations.
New privacy protection laws are adding additional complexities and require sophisticated coverages.
How are cyber-insurance services and offerings addressing them?
Managing cyber risk is not just about risk transfer. The insurance underwriting process alone contributes to raising awareness of cyber risks. Insurers are scrutinising risks and the underwriters are rewarding increased levels of cyber security.
New coverages are being developed for regulatory actions and to fill gaps identified in traditional property and liability coverages.
How much of a role do you think captives can play in helping cover cyber risk?
Insurance coverage for cyber risk is evolving and risk professionals are exploring all kinds of structures. Captives may be a tool to fill any coverage gaps or viewed as supplemental to commercial coverage.
For example, businesses may decide their appetite for risk allows them to take a primary layer of coverage through a captive and get peace of mind with excess layers in the commercial market.
What opportunities does the conference offer for captive/risk professionals?
The ICRMC is an essential forum for risk professionals with an agenda that focuses on risk transfer approaches to cyber risk management. Bermuda’s global insurance market includes some of the leading cyber insurance carriers and professionals.
What are you most looking forward to about the conference?
Besides being in Bermuda in December and the wicked art collection at the Hamilton Princess? Seriously, there are some cutting-edge industry leaders coming together for this conference and it promises to be a great exchange of ideas on managing cyber risk.