27 June 2018

Smart Cyber Insurance™ and The Evolution of Cyber Risk

The self-contained enterprise is a thing of the past, as more companies rely on third party vendors for services related to data storage, web hosting, IT security management, logistics and more. While these providers have allowed companies to operate more efficiently, cyber exposures have increased as a result.

Massive retail data breaches, state-sponsored malware attacks, and the mishandling of sensitive information by the world’s largest companies have kept cyber risk in the headlines for the greater part of the last decade. Digitization has forced even smaller organizations to consider a wide variety of both internal and external threats to data security. The self-contained enterprise is a thing of the past, as more companies rely on third party vendors for services related to data storage, web hosting, IT security management, logistics and more. While these providers have allowed companies to operate more efficiently, cyber exposures have increased as a result. It’s no wonder cyber liability coverage has received much of the recent attention in the commercial insurance world.

Nearly 15 years ago, the earliest versions of stand-alone cyber policies would only cover third-party liability arising from the wrongful release of confidential information. Expenses related to first-party breach notification costs, digital forensics, data destruction, and contingent business interruption were not typically addressed. Not only was the coverage limited, but the underwriting process was arduous as insureds were forced to complete lengthy applications, supplemental questionnaires, and teleconferences to discuss the details of their IT security. Carriers offered few proactive risk management services, forcing insureds to incur additional expenses if they needed guidance on IT security best practices.

While insurers have made progress broadening the scope of cyber coverage, unfortunately many of the outdated methods of underwriting remain commonplace and carrier loss prevention advice is often inadequate.

At Corvus, we take a vastly different approach to underwriting and risk management. We believe in leveraging the best technology to assist our policyholders proactively address cyber risk. Rather than relying on prolonged applications with limited value, we use non-invasive web scans as part of the underwriting process and we provide our customers with meaningful insight into their IT security performance. At the time of quoting and throughout the policy period, we deliver a detailed analysis of the insured’s security operations with concise, risk-prioritized recommendations to resolve critical vulnerabilities. We red-flag IT supply chain issues and we offer meaningful business intelligence reports to insureds that are serious about confronting cyber risk head-on. Policyholders have access to a number of resources to help strengthen their IT security posture, including sample IT security policies, online privacy training, and a directory of pre and post breach experts. We call this process as Dynamic Loss Prevention™.

More precise underwriting means improved coverage and competitive premiums as well. Insureds with the strongest IT security controls are eligible for broad-form first and third party coverage, including extensions for blanket contingent business interruption triggered by cyber perils, system failure, reputational loss, social engineering, ransomware, and much more.

Our mission at Corvus is to arm commercial insurance brokers and our policyholders with the best available tools to tackle cyber risk from all angles. A modern and dynamic solution is required to address a constantly evolving risk landscape. This tech-enabled, holistic approach to risk management is what we call Smart Cyber Insurance™.

Mike Karbassi

Mike Karbassi is Vice President and Head of Cyber Underwriting at Corvus. He specializes in Network Security, Privacy Liability, Technology E&O, Media Liability, and Miscellaneous Professional Liability. Karbassi has over a decade of experience in insurance and is a graduate of the Boston University Questrom School of Business.

Gerritt Graham

Gerritt is the Chief Commercial Officer at Corvus. He has over 20 years of sales and marketing experience, primarily focused on technology and data solutions for the financial services industry.

James McElhiney

James co-founded Corvus and is the company’s Chief Technology Officer. A 30+ year technology veteran, Jaimie most recently served as CTO of Iora Health and previously co-founded Gazelle.

Mike Lloyd

Mike Lloyd is the Co-Founder and Chief Product Officer of Corvus Insurance. Previously, Mike co-founded Poncho, a personal lines agency InsurTech startup, and was a venture investor at FJ Labs. Mike has an MBA from Harvard Business School and engineering degrees from Virginia Military Institute and MIT.

Phil Edmundson

Phil is the founder and CEO of Corvus. A 30+ year insurance veteran, Phil co-founded broker William Gallagher Associates (acquired by Arthur J Gallagher in 2015) and was an active leader in both the Worldwide Broker Network and Council of Insurance Agents and Brokers. Phil is the Managing Partner of Edmus Ventures where he invests in InsurTech companies including Verifly, Wellthie, Agentero, and Cover Wallet, and serves on the board of Cover Wallet.

Play Video