Cyber risk transfer is fragmented across overlapping policies, exclusions and emerging protections.
getty
Cyber risk transfer used to be relatively straightforward: purchase insurance, review the limits and assume the organization had shifted a meaningful portion of its exposure. That assumption no longer holds. Today, cyber risk transfer is fragmented across overlapping policies, exclusions and emerging protections – many of which only apply if organizations can demonstrate how they responded during an incident.
For boards, that shift is significant. Cyber risk transfer is no longer just about coverage. It is about whether that coverage will hold up under testing, and whether the organization can prove it acted appropriately under pressure.
Cyber Risk Transfer Is No Longer a Single Policy
Steven Schwartz, co-founder & general partner, FireTower Risk Solutions
Steven Schwartz
A decade ago, cyber insurance was often treated as a comprehensive solution. Steven Schwartz, co-founder and general partner at FireTower Risk Solutions, explained how the market has shifted away from a single, all-encompassing policy. “Carriers priced for losses that they can model – extortion, business…
