Cyber University and More: PLUS’s Virtual Education

Successful Turnout at PLUS 2020 Cyber University

Last week, over 100 PLUS members attended PLUS’s virtual Cyber University. While this event has been held in-person in previous years, this year’s Cyber University was part of PLUS’s 2020 plan to provide virtual education to broader audience. Attendance for Cyber U doubled this year, and the staff at PLUS is proud to provide quality education in virtual space, especially in light of current circumstances.

This is the third year of PLUS Cyber University and registrants attended six live sessions over three days.  “The program content is incredibly strong, so the focus was on how to take an in-person event and continue to make it meaningful as a virtual one,” said Megan Moore, Director of Education and Professional Development at PLUS. Topics included: legal foundations, evolution of cyber coverage, interplay among lines, underwriting, breach responses, 1st and 3rd party claims, risk management, and breach scenarios. Moore added, “As we transfer this program to virtual, we made sure to include opportunities for attendees to reflect on what they’ve learned and apply it to their own experience as well as connect with each other outside of the session.”

Continuing to Provide Remote Education

PLUS is continuing to expand its virtual education offerings for all members. In May alone there are three top-notch webinars on a variety of professional liability topics, from the Sciabacucchi court case decision, to resolving D&O disputes virtually, to social distancing and telehealth.  Additionally, on-demand presentations from the virtual Healthcare and Medical Professional Liability Symposium are available to view, as well as Online eLearning modules for the RPLU program available to purchase. You can work through module content at your own pace, and even complete the exam entirely online!

“Over the last few years, we have been ramping up our ability to provide online and virtual education,” said Robbie Thompson, CEO of PLUS. “While PLUS will always offer outstanding in-person networking and education events, we knew that focusing on other ways members can also get professional development was critical to PLUS continuing to serve the professional liability industry.” From webinars, to the RPLU online eLearning modules, to webinar, to in-person events moved to virtual like Cyber University, PLUS is working to make education accessible no matter the circumstances.

PLUS Membership for the Win

Membership is an important aspect of PLUS, and PLUS staff has been working tirelessly (and remotely!) to provide new ways to engage members virtually.  If you are a PLUS member, you can register for any or all of the May webinars for free! If you aren’t a member yet, become one now to register for webinars, gain access to an archive of PLUS virtual education, and more. Check out previous posts on this blog to listen to PLUS’s PL Perspectives on Coronavirus podcast, and stay tuned for even more distance education offerings in the future.

Cyber Perspectives on Coronavirus

The next installment of our PL Perspectives on Coronavirus tackles the world of cyber. Gail Arkin, James Giszczak, and Jason D. Krauss discuss possible effects of COVID-19 on cyber security and cyber insurance in this recording. Stay tuned to the PLUS Blog for more recordings on how coronavirus is impacting different PL lines.

Listen here to Cyber Perspectives on Coronavirus:

Gail ArkinGail Arkin, SVP, General Counsel at Berkley Cyber Risk Solutions

Gail Arkin is the General Counsel of Berkley Cyber Risk Solutions, located in  Morristown, NJ.  Her responsibilities include the development of cyber insurance products and managing all regulatory, compliance, distribution and corporate legal matters. Gail has over 20 years of insurance experience, including over 15 years developing cyber products, and previously held the positions of senior vice president & general counsel for a financial lines division, general counsel for a wholesale and retail division, and a claims officer for professional and management liability lines of insurance.

James-J-GiszczakJames Giszczak, Member at McDonald Hopkins

James is a member at the law McDonald Hopkins. He is chair of the litigation department and  co-chair of the data privacy and cybersecurity practice group. He advises clients regarding data security measures and responding to security breaches involving sensitive personal information and protected health information. He works with clients in a myriad of industries to assess and implement appropriate data security safeguards. Jim also litigates matters involving data security and data privacy, including defending single plaintiff and class action lawsuits.

Jason_Krauss_HiRez_IMG_8898Jason D. Krauss, Cyber/ E&O Thought & Product Leader, FINEX North America at Willis Towers Watson

Jason joined Willis Towers Watson in 2016 as a Cyber/E&O Thought and Product Leader.  Jason is a resource on the FINEX North America Cyber/Tech E&O brokerage team, providing dedicated analytical support to the brokers on specific national accounts coupled with thought leadership and developing improved capabilities for the entire team.

Prior to joining WTW, Jason was with Arch Insurance Group for 12 years, where he served as an Assistant Vice President in Enterprise Product Development within the Corporate Underwriting Department and worked closely with underwriters in drafting policies and endorsements. While at Arch, Jason focused on a number of products including Cyber, D&O, EPL and Professional Liability including lawyers, real estate professionals, accountants, captive agents, broker dealers, and architects and engineers.  Before joining Product Development at Arch, Jason managed a claims team in adjusting professional liability claims.

From Stephanie Lynch: Summary of New Cyber Insurance Study

In this post, Stephanie Lynch provides an excellent summary of the recent Guy Carpenter and CyberCube study “Looking Beyond the Clouds,” which looks at potential U.S. cyber insurance industry catastrophes and their financial fallout. You can download the study itself at here the Guy Carpenter website.

It is crucial that we, as the cyber insurance market, put in the work to understand the characteristics of catastrophic cyber events and the financial impact they could have on our industry. Guy Carpenter and CyberCube Analytics have collaborated on a study to quantify cyber risk, specifically looking at potential U.S. cyber industry catastrophic and systemic loss events.

The study is done on a synthetic cyber portfolio representing the U.S. standalone cyber market, informed by Guy Carpenter’s view of the market. GC started with a base portfolio of just over 6k policies with a combined premium of $285m, estimated to represent about 10% of the U.S. cyber market. It was tested and extrapolated out using a proportion of risk sizes seen in underlying exposure dataset, to create a total market view of $2.6b and about 55k policies. It’s important to note that this study does not contemplate endorsements, package policies or non-affirmative cyber within other lines of business, but exclusively looks at standalone cyber policies.

CyberCube had developed 23 catastrophic loss scenarios on their platform, ranging from attacks on critical infrastructure, to large scale cloud ransomware at a leading cloud service provider, to widespread theft from a major email service provider.  The unique characteristic about CyberCube is that they have access to data from both inside and outside the firewall, which builds a more unique and complete view of the risk, due to their exclusive access to information from Symantec, the world’s largest cybersecurity firm.

All modeled results are based on 10k simulations run on the synthetic portfolio through these 23 loss scenarios in the CyberCube platform. The analysis and results can be found in much more detail within the study itself, but a few key takeaways:

  • The costliest cyber catastrophe scenario modeled was widespread data loss due to zero-day vulnerabilities within a leading operating system, which caused a $23.8b insured loss to the market. The likelihood of this event is also the lowest (beyond the 1:300 year return period), but it is similar to what occurred with the NotPetya attack that was mostly uninsured.
  • The most likely loss scenario was widespread data theft from a major email service provider.
  • The second most likely was large-scale ransomware at a leading cloud services provider.
  • Companies with revenues greater than $1b, regardless of industry, represent about 75% of the insured loss.
  • Financial firms were most impacted by these systemic events, accounting for ~20% of the insured loss. This isn’t all too surprising due to the larger insurance takeup rate in the cyber market by these firms.
  • While the loss drivers of each of these scenarios are different, it is important to note that Business Interruption costs, caused often by supply chain delays, are a big part of these catastrophic loss costs. The BI component of cyber insurance has evolved rapidly over the last few years, and we have seen waiting periods and sublimits erode considerable over this time as well.

Rebecca Bole of CyberCube Analytics says, “Insurers and the organizations they insure need to be aware of these major scenarios, and understand the response plans necessary and the potential financial losses in each of these scenarios. The industry must invest in effectively assessing and managing aggregations, educating the business community to drive product adoption and quantifying cyber risk to promote the purchase of adequate insurance limits.”

Hopefully this study has got the conversation started within the businesses with these exposures, insurance carriers covering them, and reinsurers backing them. Since there hasn’t quite been a U.S. insured catastrophic, systemic cyber loss yet, it is a challenge for (re)insurers to estimate the size and scope of what such a loss would look like on their balance sheets. It is encouraged to read through the article and the details of the top 5 catastrophic loss drivers. It is important for us all to analyze our portfolios with these catastrophic scenarios in mind, and this study is a great place to start.

SLynch_HeadshotStephanie Lynch is a treaty reinsurance underwriter and account executive with 5+ years of full time industry experience. She is responsible for developing, growing, and managing treaty reinsurance broker and client relationships and underwriting proportional and non-proportional professional liability programs.

Her treaty reinsurance background began on the actuarial side of the business, working on the reserving team at Arch Reinsurance. After a few years, she made the transition to underwriting, working with the professional liability treaty reinsurance group. Stephanie joined the professional liability underwriting team at Safety National Re in September of 2017 working on both medical and non-medical professional liability.

Stephanie is a graduate of The College of New Jersey with a Bachelor’s degree in Mathematics and a minor in actuarial science. She has achieved the CPCU, RPLU, CYB, ARe, AINS designations and is a licensed NJ producer in property, casualty and surplus lines.