24 April 2019

Cyber Risks vs. Insurance: Where do they intersect?

Risks themselves can be hard to understand and therefore hard to map to insurance exposure.

Some commercial insurance categories map intuitively to the vulnerabilities that could trigger them. Not having a sprinkler system increases the risk of catastrophic fire, and such a fire in a factory will clearly cause loss of property and interruption to business operations. It’s easy to draw the line from sprinklers to property and BI risk.

Other times, risks themselves can be hard to understand, and therefore hard to map to insurance exposure. Even if you know something about a company’s IT vulnerabilities, it can be hard to know exactly how, for an example, a poor software patching regimen impacts the threat of ransomware and therefore potential losses resulting from dealing with a ransom situation. What is software patching, anyway?

Risk Exposures: Explained

Making matters worse, many IT security exposure categories map to multiple possible insurance risks. To make sense of these complicated interactions, we put together a document that provides a basic overview of how common IT exposure categories map to insurance risks. See the first page our infographic here, and download the full PDF to see the second page with deeper explanations.

The Corvus Scan identifies eight primary categories of risk exposure: Software Patching, Web Encryption, Email Security, Web Applications, Threat Intelligence, Defensibility, System Hosting, and DNS Security.

Our infographic explains how all of these eight categories may potentially relate to an insurance policy. For instance, poor email security can lead to a bad actor gaining access to an organization’s sensitive information. Poor system hosting might allow a hacker to shut down an organization’s website, leading to an interruption of business. It’s all connected, and it all goes back to your risk exposure. Click to see more.

Click here to access the document and learn all about how the Corvus Scan can help you mitigate your risk exposure!

Mike Karbassi

Mike Karbassi is Vice President and Head of Cyber Underwriting at Corvus. He specializes in Network Security, Privacy Liability, Technology E&O, Media Liability, and Miscellaneous Professional Liability. Karbassi has over a decade of experience in insurance and is a graduate of the Boston University Questrom School of Business.

Gerritt Graham

Gerritt is the Chief Commercial Officer at Corvus. He has over 20 years of sales and marketing experience, primarily focused on technology and data solutions for the financial services industry.

James McElhiney

James co-founded Corvus and is the company’s Chief Technology Officer. A 30+ year technology veteran, Jaimie most recently served as CTO of Iora Health and previously co-founded Gazelle.

Mike Lloyd

Mike Lloyd is the Co-Founder and Chief Product Officer of Corvus Insurance. Previously, Mike co-founded Poncho, a personal lines agency InsurTech startup, and was a venture investor at FJ Labs. Mike has an MBA from Harvard Business School and engineering degrees from Virginia Military Institute and MIT.

Phil Edmundson

Phil is the founder and CEO of Corvus. A 30+ year insurance veteran, Phil co-founded broker William Gallagher Associates (acquired by Arthur J Gallagher in 2015) and was an active leader in both the Worldwide Broker Network and Council of Insurance Agents and Brokers. Phil is the Managing Partner of Edmus Ventures where he invests in InsurTech companies including Verifly, Wellthie, Agentero, and Cover Wallet, and serves on the board of Cover Wallet.

Play Video