US and EU cybersecurity risk management regulation, its effects on risk transfer, and opportunities to improve actuarial decision making

Wed 26 Jun 2024 -
14:00 - 15:00
Times are given in British Summer Time (GMT+1)

Cybersecurity is a top-3 risk for boards. It is a risk to national, economic, and societal security. Cyber attacks directly and indiscriminately target critical nation infrastructure providers, defence contractors, and financial institutions.

In response, cybersecurity is being regulated by several nation states and their industry regulators. Cyber regulation transfers cyber risk ‘left of bang’ into the board rooms of covered entities, which includes insurers. It requires boards to demonstrate reasonable and adequate management compliance over cybersecurity risk and the introduction of civil and criminal penalties to boards for non-compliance. And it creates legal and compliance risk for covered boards and their organisations.

Regulatory compliance creates opportunities and challenges for the insurance industry. Demonstrating regulatory compliance requires proactive oversight, assurance, and attestation of cyber risk. Regulatory oversight, assurance, and attestation necessitates board governance and provenance. The posture of corporate cybersecurity maturity will be difficult to hide.

Join us as we discuss cybersecurity risk management regulation and the opportunities and implications for cyber and D&O underwriting.

 

Speakers

Clark Boyd

Bryan Foss

Andy Watkin-Child

Chair: Lawrence Habahbeh