Jasmeet Ahuja and Peter Marta, both Partners at Hogan Lovells, along with Brian Lewis, Senior Broker, Cyber Practice Leader at Lockton Re and Robert Redpath, Senior VP, Regulatory & Technical Director at Enstar US, discussed the growing threat and elevated scale of cyber attacks at the July 2024 Membership Meeting. The session focused on the current landscape and trends in cyber insurance and reinsurance.
The discussion began with an overview of the biggest risks of cyber incidents to legacy insurers: ransomware and data breaches. On the topic of ransomware, the Panel addressed the impact of system shutdowns and the factors to consider in deciding whether to pay. On the topic of data breach, the Panel addressed the loss of personally identifiable information, known as PII, and notification requirements at the state, federal and international levels. The Panel provided an overview of U.S. regulations, which generally require notice to data subjects if PII is lost. However, the speakers noted that regulations vary in the type and timing of notice. The Panel explained that PII is generally defined as:
- Social security numbers
- Driver’s license numbers
- Financial information
- Medical information (in certain states)
- Date of birth (in limited states)
The Moderator asked Panelists to provide insight on how the legacy market has reacted to cyber risks and attacks. The Panel agreed that cyber risks represent a relatively new market and increasing concern. The speakers noted that legacy data is often unstructured, making it difficult to identify what has been compromised.
Finally, the Moderator asked whether there is value in a cyber insurance product. The Panelists answered in the affirmative but cautioned that it is incumbent on buyers to do their research, likely with the assistance of an intermediary, to understand the source and nature of the risks.
A video replay of this presentation can be accessed in the AIRROC On Demand Library at https://airroc.memberclicks.net/airroc-on-demand.