Black Hat , Cyber Insurance , Events

The Shifting Dynamics of Cyber Insurance

Erik Decker of Intermountain Healthcare on Cyber Insurance Renewal Strategies
Erik Decker, vice president and CISO, Intermountain Healthcare

The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically. Cyber insurance renewals now involve more extensive assessments and increased costs due to the heightened risks.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

Erik Decker, vice president and CISO of Intermountain Healthcare, outlined five critical controls that cyber insurance providers look for when assessing an organization's eligibility for coverage: endpoint detection and response capabilities, multifactor authentication, tested backup maintenance, privileged account management, and email and web filtering protection.

Decker emphasized the value of presenting a strong case for cyber insurance renewal to underwriters. "If you're a good risk, they might want to compete for the primary role, or they might want to go lower, so they get a better price per million cost on that. They might want to take extra capacity," he said. "For larger organizations, it's common to see $5 million, but maybe you get it down to $1 million or somewhere around there, and that helps you reduce your deductible."

In this video interview with Information Security Media Group at Black Hat USA 2023, Decker also discussed:

  • Understanding your security program;
  • Extracting extra value from insurers by having a well-established cybersecurity program;
  • Questions security leaders need to ask themselves before renewal time.

Decker has expertise in security governance and policy, risk assessment and mitigation, security leadership, and incident response. Prior to Intermountain Health, he served as assistant director of information security at Columbia University Medical Center.


About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.