The first cyber insurance policies covered violations of privacy, such as theft of personal identifiable information. Then, policies expanded to include sensitive corporate information. They are designed with information technology, not operational technology, in mind, and they don’t cover property damage or physical injury.
“Insurance is a tool,” said Libby Benet, the global chief underwriting officer for AXA XL – a division of AXA. “When you buy an insurance policy, you are buying a network of professional crisis managers” who can be your “bench strength” to get your company back up and running after a ransomware attack.
In this episode of CyberEd.io‘s podcast series “Cybersecurity Insights,” Benet discussed:
- The reasons for the rise in ransomware attacks from 2019 through 2021 and the decline in the number of breaches in the last 12 to 18 months;
- Why CISOs should to be educated about cyber insurance;
- The need for the government to require firms to provide insurers with auditable records of their internal security processes.
Benet is a licensed attorney and an insurance industry expert who specializes in emerging issues such as cybersecurity. She has over 25 years of experience in the cyber insurance space.