November 01
One thing a risk manager with cyber in their captive can’t ignore: supplier risk.
Supply chain as an attack vector is a well-established priority for corporate security teams. It has been on the radar of C-suites as far back as the 2013 Target breach that resulted in the theft of over 70 million customer records. That breach was attributed to a vulnerability hackers exploited in the computer systems of Fazio Mechanical Services, an HVAC contractor Target used, which was using a free antimalware service that had limited security protocols in place. The event cost Target was somewhere between $300-$400 million (even with a reported $90 million insurance recovery).
October 30
Surge in data-theft incidents highlights dynamic nature of the threat
Data privacy breaches represent the largest shift in criminal behavior over the past year. It’s indicative of the human behavioral nature of cyber risk: as controls are put in place to protect one area, attackers find avenues for monetary gain in another. Understanding this can help risk and security teams avoid becoming the next Cencora or ADT.
October 16
As attacker strategies and tactics evolve, risk officers with enterprise risk management mandates should as well
The number of cyber attacks continue to soar. CISOs and Risk Officers should focus more closely on understanding the intensity of the peril, not just measuring defensive posture, in order to make better risk-informed decisions. Cyber is fundamentally a human behavioral risk that requires a forward-looking approach that can adjust for realtime changes an organization’s risk intensity.
October 10
CrowdStrike event could push more cyber risk into captives
Although having a limited direct impact on captives, the recent CrowdStrike incident will likely lead to more companies assessing the possibility of utilising their captives to write cyber risk.
October 08
When looking at what makes cyber risk ‘dynamic’, the need for a different approach is clear
Trillions of dollars spent every year on digital transformation has resulted in large corporate IT networks becoming ever more complex. Meanwhile, attackers in pursuit of financial gain are constantly evolving tactics, techniques, and procedures to get around security controls to gain access to these networks and steal data. Cyber is a human behavioral risk and as a result, it’s dynamic. Controls that worked on attackers yesterday may not work today. Despite increased risks, digital transformation will remain a business imperative. But companies are losing visibility of their own IT environments and conventional approaches to managing the risk are proving insufficient.
September 26
Intangic appoints Joshua Cryer as Director of Client Solutions
Intangic, a US-domiciled technology risk platform, has appointed Joshua Cryer as Director of Client Solutions.
September 24
Cyber coverage gap won’t be fixed with more of the same
In last week’s CyFi™ note, we covered an overlooked issue in cyber: economic losses. What’s the point in taking stock of these events and the actual and potential losses? It’s important to understand the nature of this gap to then focus on creating better solutions to address it. This is a central topic in the forthcoming October edition of our monthly research note, The Intangibles.
September 23
RVS Monte Carlo #27 – Ryan Dodd: Redefining Cyber Risk for Large Enterprises
Ryan Dodd, CEO and founder of Intangic, shares how his company is transforming the way cyber risk is assessed and managed. With a dynamic, market-based approach, Intangic provides large enterprises with real-time insights into cyber threats and risk, helping them protect themselves more effectively than traditional methods allow.
September 10
One overlooked issue in cyber: growing economic losses
Two recent business interruption (BI) breaches involving US-listed Microchip Technology and US oil and gas services firm Halliburton are not generating the same headlines as the CrowdStrike-related disruptions or even the large-scale breach involving Change Healthcare. But BI incidents like this are causing economic losses for shareholders, and it’s becoming so common that the press barely picks up on it.
September 10
Cyber market faces demand problem, needs pre-emptive approach – Intangic founder and CEO
MGA Intangic is in its second year, backed by AXA XL, and provides a pre-emptive approach to underwriting cyber risks.
August 21
Focus on insured loss from CrowdStrike outage overlooks one key issue
Though the response and resilience of the cyber market is important, what is more critical is how risk teams proactively deploy resources to avoid large BI losses in future.
August 09
Similarities between property and cyber markets present an opportunity
At first glance, the property and cyber markets don’t have much in common, with the property’s scale of losses in the last year of $123 million far exceeding those of cyber. But there are some parallels that can help risk officers present a cohesive risk management strategy to the C-suite and board across both risks with the common objectives of more efficient risk financing and avoiding losses.
August 06
Need to look beyond security controls to avoid large costly breaches
Security controls alone, even when well managed, are not enough to protect a company from cyber criminals. Seeing the threat from the cyber attacker’s point of view is key to bolstering risk prevention efforts before the large breach. It’s no different than how we approach sports matches.
July 29
Slowing US cyber insurance market prompts need to further invest in risk prevention
In 2023, direct written premium in the US rose by only 0.1% according to recent numbers reported by AM Best. Intangic explores how a deceleration in the speed of cyber market expansion points to the need for a new approach.
July 22
Companies can better manage supply chain risk when the CRO and CISO work together
Recent supply chain-related breaches highlight need for a more proactive approach to managing the risk
February 29
Answering the Saturday Morning Question
The questions we hear from risk managers at large companies with captives are: “Do we have enough of the right cover? Are the captive premiums too high? How can we consistently validate our risk posture? What are the best metrics to report to CEO and Board?”
February 20
Intangic’s Dodd: Customisation is “next phase” of cyber market as prices stabilise
Changing demands and expectations among large corporate buyers of cyber insurance are driving carriers to compete for market share at a macro level while also addressing concerns around aggregate risk, according to Intangic MGA CEO Ryan Dodd.
June 23
View cyber as high frequency, low severity, suitable for captives
The sheer volume of cyber-attacks taking place without corporations knowing lends itself to understanding cyber as a high frequency, low severity risk, thus opening the door for more captive involvement, according to Ryan Dodd, CEO and founder of Intangic.