Cyber Security and Insurance


Briefing Notes

Talis Capital had it's first Cyber Security and Insurance Event hosted at Bloomberg and we wanted to share a few key take away from the speakers we had.

An opening speech from Adrian Leppard, the City of London Police Commissioner, set the scene well by outlining the need for corporate and government to take greater responsibility in defending the advancing cyber threats that the majority of the time come from within organisations.

The scary bit was that Cyber fraud and online crime is growing exponentially. 70% of all fraud in the UK is Cyber-enabled, half of which police believes originates from overseas. The figures are significant with some five million frauds and two and half million Cybercrimes being recorded against only seven million of all other crimes. For the first time this shows that Cyber-related offences are the common form of criminality in the UK. The challenge they face as the police is that only 300,000 are actually being formally reported.

“If you ask a room full of people who has been a victim of some sort of fraud or financial crime, half of them will put their hand up. You would have difficulty finding any other area of crime with similar statistics,” he explained.

“But we estimate that as much as 80 per cent of this sort of crime is not reported, so while we know there is a big problem, we can’t put a scale on it and that is one of our biggest challenges,” he added

Mr Leppard said cybercrime appealed to organised criminals because it was a “low-risk, high yield” offence.

Mr Leppard believes that the Insurance and Technology sectors are essential 2 cyber improvements and commented: "the problem of cyber is clearly getting worse and the government need to do a lot more. America is not that much better".

After the opening we had our first panel on the stage: presented their products and

  • PANASEER - CEO/Founder - Nik Whitfield: discussed that they have a GREAT product called DATALAKE. Created a platform that helps CISOs to answer the question asked by the board "How Secure Are We?"
  • DARKTRACE - Director of Technology - Dave Palmer : highlighted how important their AI and SELF LEARNING can improve devices cyber devices. Darktrace has created a new niche in Cyber called -  Enterprise Immune System that is getting a great moment and company is already selling it in 19 countries where it opening offices in the last 12 months.
  • CENSORNET- CEO - Ed Macnair: believes that Cloud Application Control Security is redefining the Secure Web Gateway as by 2016, 25% of enterprises will have secure access to cloud-based services using a CASB platform, up from 1% in 2012 and CensorNet is well positioned to play a big part in that process.
  • STATUS TODAY - CEO/Founder Ankur Modi: believes that early stage investing in heavy data, deep learning cyber security start ups is still very low. Status Today explains that Human Centric Technology is the future of Cyber Security.
  • DIGITAL SHADOWS - VP Operations - James Merrick: use the Digital Shadows Searchlight portal to help solve corporations problems on security. The UK market is catching up with US

Some key facts from Panel 1 below:

Panel 2  -  was focusing on Customer and Forensics Perspective.

 

The panellists were:

  • Dave Daly - Head of Consultancy @  Dionach
  • Oliver Church - Head of Cyber Threat Intelligence @ Control Risks
  • Ollie Whitehouse - Associate Director @  NCC NCC Group

Key take away points:

  • Information security budgets went up by 24% in 2015
  • Attacks are on the rise - 38% increase in detected information security incidents and with increasing digitisation of business this will only increase. Also consider potential nation-state use of capital to fund cyber-attacks
  • About 16 million mobile devices are estimated to be infected by malware. There is an increasing focus of attacks too with an increase of infections of 25% in 2014.

Panel 3 - was focusing on Cyber Insurance: UK vs US

The panellists were:

  • Christian Stanley - Casualty Executive  @  Lloyds of London
  • Mark Camillo - Head of Professional Indemnity & Cyber @ AIG
  • Shannan Fort - Assistant VP & Cyber Expert @ AON
  • Matthew Webb - Head of technology @ HISCOX
     

Topics discussed at this panel were:

  • How transferable is the US model into the UK? And does the UK have the correct infrastructure and measurements in place for this?
  • How important is the role of Regulation and Government in driving the Cyber Insurance market – UK and US?
  • Where will the policy innovation come from?
  • How do you price cyber insurance cover?
  • What are the main challenges for the cyber insurance market?
  • How do you assess and quantify the losses to businesses?

Great discussion about Cyber insurance market in UK.

Christian Stanley started the panel with a great overview of the market and trends and gave Lloyds view on the market.

2015 Global gross premiums widely estimated to be appr. $2.5bn with predictions to grow to $7.5bn by 2020

Cyber Insurance is getting a strong momentum in US due to more litigious nature as well due to stricter regulation and we see that 78% of mid and large corporate have cyber cover versus 2% in UK.

Panel 4 - Cyber Market - what next?

A panel discussions on where the Cyber Security market, both within the UK and globally, is heading and the opportunities and strategies that could be used going forward.

This panel was a mix of venture capitalists, cyber security specialists and ethical hackers.  

Topics discussed:

  • Is developing more products helping or complicating thing? Do we go back to basics?
  • What is the next growth area within cyber?
  • How do we identify the key assets to protect? How to protect them? And how can we value these assets?
  • What will the role of automation of cyber products play – now and in the future?
  • Is there a consolidation play to happen between cyber security products, forensics, analysis and otherwise?
  • Nature vs nurture – where is the best cyber security coming from and how is it being developed?
  • How do we address the distinct shortage of cyber professionals, and what could be the total impact if the demand continue to out-strip supply?

Take away points from this panel:

  • Focus on cloud computing – 69% use cloud based cybersecurity and 59% use big data analysis. Strong synergy exists as the cloud allows huge amounts of data to be processed whilst data analysis can monitor data, predict problems, etc. E.g. employees are the main source of compromise at 34%.
  • Increasing technological modernisation by businesses – 54% of firms surveyed have a CISO, 48% use active monitoring and 58% have an overall information security strategy.
  • Market research firm Gartner says global spending on IT security is set to increase 8.2 percent in 2015 to $77 billion, and the world will spend $101 billion on information security in 2018.
  • According to IDC, the hot areas for growth are security analytics / SIEM (10%); threat intelligence (10%+); mobile security (18%); and cloud security (50%). According to a report from Markets and Markets, the cloud security market is expected to be worth $8.7 billion by 2019.
  • IDC predicts that by the end of 2015, 20 percent of proprietary data in the cloud will be encrypted – and by 2018, that will quickly rise to 80 percent. The encryption software market is forecasted to be worth $4.82 Billion by 2019, according to Markets and Markets.
     

It was a short event but quite intense as covered many areas and all in just 3 hours.

Again many thanks to Bloomberg and Chris Lowe in particular for hosting this event and we hope to make it an annual one.