Newsletter


Pictured: Dan Teclaw, Kim Guerriero, Mike O'Malley, and John O'Neil
14 August 2024news

Understand the true cyber threat before committing to a captive

The risks of cyber-attacks need to be properly considered and understood by companies before they consider covering them via a captive, attendees at the Vermont Captive Insurance Association’s 2024 conference have heard. 

In a panel discussion entitled ‘Is Cyber Coverage Right for Your Captive?’, conference attendees were told that the number of cyber-attacks is increasing, and that careful attention must be paid to this area. 

In addition, a wide range of cyber coverage is now required to cover the impact of cyber-attacks, which include data breach costs, cyber extortion, BI losses, fraud response, data recovery & services, etc. 

The panel was moderated by Dan Teclaw, director at AM Best, and comprised: Kim Guerriero, Principal and Consulting Actuary, Milliman, Mike O'Malley, Managing Director, Strategic Risk Solutions, Vermont, and John O'Neil, Company, Assistant Secretary, MassMutual MCAM Insurance. 

Cyber risk has a stable outlook now, according to AM Best, as Teclaw noted. He said that this outlook was down to greater demand and increasing take up rates, continual improvements in cyber hygiene, expected profitability over the immediate term, improvements in underwriting practices and policy language and supportive reinsurance & ILS markets. 

However, he said that there are also countervailing factors that include increased competition & modest premium growth in US, growing sophistication of attacks using AI, aggregation risks, model risk & divergence among models & a heavy reliance on reinsurance. 

O’Neil stressed that before a company should consider a cyber captive, executives should talk to the IT department, face to face, if possible, to find out what the real risks are from cyber threats. Only then should hey consider if a captive was right for the company. He said that it is important to talk to senior staff about cyber & captives – and find out how much the company is spending on IT issues. 

Some of the examples of recent cyber-attacks that were mentioned included the WannaCry, Robinhood, Ryuk and REvil ransomware incidents that hit many major US businesses. 

It was pointed out that with better cyber hygiene, some ransomware attacks are being mitigated and that ransomware demands are being increasingly ignored, as disruptions are being addressed better. 

However, it was also stressed that companies should not be complacent in any way, as the sophistication of cyber-attacks is constantly increasing. 

Did you get value from this story?  Sign up to our free daily newsletters and get stories like this sent straight to your inbox.



Editor's picks

Vermont enacts captive law updates to strengthen regulations and keep global lead
news
Vermont enacts captive law updates to strengthen regulations and keep global lead
21 May 2025

Editor's picks

news
Vermont enacts captive law updates to strengthen regulations and keep global lead
21 May 2025   Governor signs H.137 into law and stresses importance of maintaining Vermont’s position.
news
Captive Review unveils the 2025 Power 50!
15 May 2025
news
NY Governor boosts state captive market
12 May 2025
news
BMA attempts to calm fears over group supervision
9 May 2025
news
NRRA announces date for 2025 conference
9 May 2025
news
New CEO at Lloyd’s
8 May 2025

Related content

Could South Africa’s cell captive model offer a blueprint for the UK?
GCM launches Outcomes SPC to lower barriers to captive insurance entry
Meet Monty: VCIA’s new AI assistant for the captive insurance community
Vermont enacts captive law updates to strengthen regulations and keep global lead
Georgia’s new captive legislation backed by GCIC
Liberty Mutual Re launches parametric coverage to protect Colombian farmers from climate risks
NCCIA announces leadership transition with new president & CEO
VCIA opens registration for 40th annual conference