Success in the cyber insurance space requires bridging the gap between security experts and insurance experts.
The complex industry will only thrive if serviced by people who’ve mastered both disciplines, according to Rotem Iram, CEO of stealth cyber insurance startup at-bay.
Iram has a background in cyber security and most recently held the position of COO of cyber insurance practice at K2 Intelligence. For the past 17 months, Iram has been developing at-bay, which is set to launch later this month.
Insurance Business caught up with Iram to find out more about the man on a cyber mission.
How did you get started in the industry?
While working on building K2 Intelligence’s cyber security practice, my firm received a strategic investment from
AIG, in large parts, to collaborate with their growing cyber insurance practice – on both the underwriting side, and responding to incidents of
AIG’s insureds. It gave me a unique opportunity, being a cyber security guy, to see the full lifecycle of a cyber insurance policy and how a mature insurance company meets the challenges this unique risk creates. I decided there was a big opportunity to innovate in this space, but only by taking on the role of underwriter and redesigning the models, products, risk selection and pricing.
Celebrate excellence in insurance. Join us for the Insurance Business Awards in Chicago.
What is the most exciting thing about working in cyber insurance and risk management?
Cyber insurance is a new problem that keeps evolving. It requires new models and approaches to risk as well as redesigning the insurance organization to optimize around learning. Bridging the gap between security experts and insurance experts, and creating one team that drives innovation in an insurance product that provides coverage against incredibly technical cyber triggers, is a big challenge and one that I am very excited to solve.
What are the most challenging aspects of the work?
The existing insurance regulations, products and practices do not necessarily fit the needs of cyber risk, and the strong competitive pressures challenge the viability of some innovations. Examples are year-long policies for rapidly changing risk and missed opportunities in technical inspections of prospects.
How can you see the cyber insurance market moving forwards?
Cyber insurance is in its second horizon. The origin was around a new data privacy regulation that created a need for a data privacy policy. In recent years, cyber triggers have been excluded from thinly priced commercial policies and added to the privacy policy, creating a cyber policy that is, effectively, a conglomerate of insurance agreements carved out of other policies. As organizations continue to digitize their business processes, damage from cyber triggers will increase to a point where these triggers will need to be reintroduced to the commercial policies. We have already seen the beginnings of this trend with E&O policies bundling back cyber triggers. The key to unlock a competitive advantage in pricing commercial policies in the next
decade will be in the ability to understand cyber triggers and how they impact business – well beyond data privacy risk.
Can we have a short introduction to at-bay and your aims with the company?
Technology and interconnectivity has brought with it a need to solve new and complex problems that have a profound impact on society. At at-bay, we aim to help companies continue to embrace technology, fearlessly.
We are a cyber underwriter built by security experts. We introduce fundamental innovations to how risk is selected and priced, and we build insurance products and services to meet the needs of sophisticated risks.
We put a strong emphasis on supporting our portfolio companies throughout the lifetime of the policy to actively help them control risk, and are bringing our expertise in incident response to help customers fix issues faster and with lower costs. We partner with brokers to provide customers with meaningful risk insights and a modern, quick and painless way to submit, quote and bind policies.
What advice would you give to someone hoping to get into the cyber insurance / cybersecurity / risk management space?
If you come from either discipline – insurance or security – breaking into the other may seem intimidating and too complex to grasp. I would encourage you to apply yourself and become an expert in both. It is not a simple task, but by mastering both disciplines you will be in a unique and invaluable position to provide value and drive meaningful innovation.
If you weren’t working in insurance, what would you be doing?
Having a cyber security background, I’d most likely be working on technology innovations in that industry.
What are your favorite hobbies?
My biggest passion is basketball, but in recent years I mainly enjoy being outdoors with my family and friends.
Related stories:
Cyber insurance is like “the Wild West”
Time for insurance to reassess its approach to cyber?