Financial R&R: Cyber Trends and Strategies - Takeaways from the ABA Conference
Ron Borys and Ryan Farnsworth are joined by CJ Dietzman and John Loftus, Alliant Cyber, to review key takeaways from the recent ABA Conference. The team discusses client issues related to cyber risk management and the need for a broader approach that includes security controls and cyber insurance. Many clients have invested heavily in cybersecurity and control and are ready for "cyber insurability 2.0."
More episodes of Financial R&R:
Welcome to Financial R&R, a show dedicated to financial insurance and risk management solutions and trends shaping the market today. Here are your hosts, Ron Borys and Ryan Farnsworth.
Ron Borys (00:14):
Well, welcome back everyone. This is Ron Borys and I'm here with Ryan Farnsworth, and this is the Financial R&R. We just came back a couple of weeks ago from the 2023 ABA Insurance Risk Management Forum, and Ryan and I were thinking, what better way to kind of provide some thoughts and feedback and some takeaways from probably one of the most important risk management events for the financial institutions' industry sector? The first time the event came back since Covid, I think people were really excited. Participation was high, certainly couldn't have chosen a better venue. The Omni in Nashville was awesome. The hotel was great for business meeting purposes.
Ryan Farnsworth (00:58):
Well, whether these conferences are in person or virtual, it kind of runs with the theme of what we're talking about today, which is cyber risk and what it means for financial institutions. Whether we are back in person for these types of events or not. Cyber risk continues to be prevalent and an area that Alliant continues to invest in. And we've brought two of our experts within our cyber vertical with us today, John Loftus and CJ Dietzman, welcome.
CJ Dietzman (01:25):
Thank you so much. Glad to be here, and an amazing conference it was. I think John would agree, a lot of great collaboration. Some of the topics that were discussed were really well aligned with the new Alliant Cyber vertical. Some cool stuff. John, what do you think?
John Loftus (01:40):
Yeah, without a doubt, it was just a great opportunity to hear directly from a lot of clients and prospects, a lot of the large investment banks, regional banks, alternative asset managers. It's definitely an exposure that's still top of mind for all of the risk managers and insurance buyers that we met with.
Ryan Farnsworth (01:59):
Well, John and CJ, you represent two of the areas where Alliant is investing. John, really from your perspective and expertise, more on the brokerage side of the discussions from the conference and CJ from the consulting services side. Maybe we break those down by going to CJ first and talk about some of the client issues that were raised from a cyber consulting perspective. And as we think about helping clients find the more rewarding way to manage cyber risk, in this case, what are some of the things that were discussed and things that were takeaways for you following the conference?
CJ Dietzman (02:35):
Sure, Ryan, it's an important question. You know, I think first things first, one of the most exciting takeaways for me was the willingness and openness from clients, from risk managers, that we met with who were really ready for the "what's next?" So, the conversation pivoted solely from a focus on cyber insurability, which is critical and it's so core to what we bring to bear every day with our clients from a cyber brokerage and risk transference standpoint. But really taking the conversation up a level and talking about the broader cyber risk management, the integration of security, controls, cyber insurability, cyber insurance, different carrier expectations, different cyber insurance products and models. When we bring all of that together, some exciting things can happen. And I think the message that resonated with clients was one of depth and weight around all the things that we're bringing to our clients above and beyond.
So, certainly, world-class brokerage services aligned with carrier expectations, aligned with the market, mastery level understanding with the market, but then coupling that with a perspective on cybersecurity, sort of what we're calling "cyber insurability 2.0," not only calling out challenges and issues that we see on the horizon but saying, listen, we're here with you, hand-in-hand, jumping in with our clients, focusing on remediation, optimization and enhancement. You know, and the last thing I'll say, I really want to hear from John, but in the dialogues that we had, clients, while there's still some uncertainty and dealing and managing with this hardened cyber insurance market, many clients have invested heavily in cyber recently, cybersecurity, cyber control. So, they're saying, "listen, we are ready for the, what's next, and what does that look like?" It's not just a question of, "hey, where does it hurt and where do we have control gaps?" We've kind of been talking about that for a few years. Many of our clients have remediated some of those burning platform areas. And in fact, there's an expectation of, how do we leverage all this investment for a better cyber insurability outcome, which I think is really cool and where Alliant can have the greatest impact. John, what do you think?
John Loftus (04:46):
Yeah, I think based upon our discussions with a lot of these risk managers, I think we did get a sense that we really are aligned with what they're trying to achieve in some of their frustrations with how integrated we are in terms of the broking team and our security consulting team, right? Where, I think the comments from some of our competitors were when cyber risk consulting people even participated in any of their meetings in the past, with regard to risk and insurance, they were really there to think about, okay, how can we cross-sell some security service here? Where, conversely, what we're doing is a much more integrated approach to help them with their renewals. Because I think one of the common messages and themes, in terms of the frustrations for many of the risk managers at these banks, was the lack of uniformity in the underwriting process, the application process.
They're questioning whether or not they're really getting any value from these conference calls that they're customarily conducting with the insurance marketplace. And they don't really feel that they're getting premium credit that's commensurate with the maturity of their information security program or the investments that they're making. That was a common feedback and frustration that we heard in terms of this hard market cycle. And I think where we're aligned, is our approach to that underwriting process and bringing in the security practitioners to make that underwriting process more efficient, to have that direct line of communication with the chief information security officers and helping them craft their narrative and make sure that the insurance marketplace understands, clearly, why their program is mature, what investments they're making, why their risk profile is differentiated and why they should be getting credit for that. What we're trying to achieve was really aligned to address some of the frustrations that we consistently heard from people at the conference.
Ron Borys (06:43):
Yeah, listen, I would say, having had the fortunate opportunity to spend a couple of days with both of you, John and CJ, in a variety of meetings, both with our existing clients, who attended the event and, certainly clients who are not with us right now, but interested in what we're doing better and differently to help our folks, our clients, find the more rewarding way to manage risk. From my perspective, one of the things that was abundantly clear, you were a pretty popular guy, John, people had a lot of great things to say about you, from working with you previously and in recent times. So, CJ maybe we could just, for folks that didn't get an opportunity to meet with you at the ABA Conference, maybe you can just talk a little bit about what's different. What are we doing here? We're not looking to be incident response professionals, right? We're not necessarily looking to do the work that, certainly there's a lot of very sophisticated and highly credentialed and experienced firms out there and able to do, can you just spend a few minutes talking about that?
CJ Dietzman (07:40):
Sure, absolutely. I sort of see it as, bringing together the best of Alliant's cyber capabilities into one vertical. But, what I'll say is we're talking about a force multiplier here. The concept that, at our core, what Alliant is perhaps best known for is in the insurance brokerage and specifically cyber insurance brokerage, the risk transfer services. Alliant has had, for a long time, some incredible talent around cyber brokerage and risk transference. Really, what we're doing is bolstering that and enhancing it, if you will, with other complimentary capabilities in the vertical. For example, risk analytics and quantification, and this new Alliant cyber risk management platform that I was mentioning, cloud-based technology, non-intrusive, lightweight, which our brokers and our client engagement teams can bring to bear for clients and enable them to take a closer look at sort of that balance sheet risk, the dollars and cents of cyber risk versus the qualitative assessment of just focusing on controls.
Are they in place? Are they not in place? Still super important. However, we're enabling our clients and underwriters and certainly, our cyber brokers, to pivot the discussion to more focus on risk, probability, magnitude, potential loss, expressed in a balance sheet manner around cyber risk, leveraging that new platform. So more to come on that, but also bolstering that with consulting and advisory. We're not looking to be a digital forensics and incident response firm. We are here to help our clients navigate and identify an optimal digital forensics and incident response firm that's well aligned, not only with their carrier panel expectations but also the clients' industry sector and expectations. Specifically, in consulting and advisory, we can help our clients with risk assessment, incident response readiness, governance and compliance, security architecture and controls, data protection, offering them things like CSO on-demand, cyber diligence, incident response planning, tabletop exercises, that we are uniquely positioned to help our clients there with an incredible team that we're building.
The last thing I'll have, and I kind of alluded to this when we were talking about digital forensics and incident response, Ron, is the fact that, as sort of an extension of our role as a cyber broker, as we help our clients navigate, we can do the same and help them navigate the cyber security market, looking at the right solutions for our clients, whether it's a privileged access management solution, multi-factor authentication, an incident response firm, consultative, collaborative, in partnership with the cyber brokerage team, helping them not only address control related policy procedures, but also technology gaps that they may have or technical control gaps, not leveraging us as integrator, that's not who we are, or reseller, that's also not who we are. But again, an extension of our role as a broker, helping our clients navigate cybersecurity solutions. So, when you look at those four capabilities, risk transfer services, analytics and quantification, consulting and advisory, and then risk and security solutions, our Alliant Cyber ecosystem is pretty cool.
Ryan Farnsworth (10:58):
And CJ, it's working, since Alliant Cyber has been implemented over the last several months, we're now having clients go through the process of going through the consulting and risk identification process, identifying solutions in ways that they can be more ready, not only to protect their firm but more ready for an insurance renewal cycle when and if they have insurance in place already. And John, I want to make the pivot to what the cyber insurance market looks like right now because this particular client that I'm referring to that went through the risk identification process, the risk assessment process, we are going through the options where we are able to procure several more options than we had in the past. And the option that eventually is going to be included has a reduction in the retention from $150,000 to $25,000, per claim, and the overall premium is going down by over 50%. Those are phenomenal outcomes, that are a combination of the work on the consulting services side together with the softening market. So maybe John, provide your perspective on where the market is now from an insurance perspective, how these services can be instrumental in the application process and then where you foresee the market going in 2023.
John Loftus (12:15):
Yeah, I think that's exactly right, in terms of our integrated approach, right? And getting our security practitioners involved in the crafting of our submission and our negotiations with these underwriters. It's really been a win-win, and while we feel that we're best positioning our clients at all times, I mean, we've also gotten good feedback candidly from the insurance marketplace. We're also helping them get the information they need and spending the time to really walk them through the information security program and making sure nothing's misrepresented or mischaracterized, which we've often found with clients that we've recently started working with. There were many clients who were not getting credit for the maturity of their information security program, the investments that they'd made. We had underwriters that were confused about where things stood and we've eradicated all that and best positioned our clients but given the underwriters the ability to properly document their files and give us premium credit, where it is due, based upon how mature a lot of these financial institutions are that we're working with and our newer clients.
So, we're definitely seeing that. We feel that all of our negotiations are empowered because of our integrated approach, because of the security practitioners that are working with our placement brokers. We don't view what we do, as a commodity, right? We're not here just to drive, we're not just solely focused one-dimensionally on price. We're here to share actionable guidance on what we're seeing in terms of claims, how they can continue to be better protected, how they prioritize their security investment. But, I think what we're also focused on, right now, is coverage, and there's a lot going on there. That's such a moving target and we're starting to see some of the carriers introduce a new exclusionary language, but there's a lot of challenges with that in terms of some of the ambiguity, some of the more onerous exclusionary language, that's hitting the marketplace. Some of the more onerous exclusionary language associated with infrastructure, where they're starting to add in security exchanges, things like that, that are very problematic for our clients and that some of the banks that we spoke with weren't even really cognizant of some of these changes hitting the marketplace yet.
Ron Borys (14:30):
Yeah, I think, it felt like we were one of the only firms represented at the ABA, that brought our senior claims person. What I thought was really interesting, and clients continue to be really frustrated with the claims process and the services they're getting. From my perspective and from what I picked up or took away from the ABA, the really big clients are getting a lot of great resources, right? We all know that for those of us who've spent time in other organizations, right? But, what I thought was really interesting was with some of the mid-size businesses and even who some might categorize as smaller businesses, that seems to be where the drop-off is. I think at one point I even heard somebody suggest this trend in the market where people are going to start charging customers for claim services.
I mean, that's something that we have always offered as a courtesy to our customers and certainly something that we have no plans at all of charging extra fees for claims resources because we want to make sure that we get the coverage right on the front end. We want to make sure we're providing the right advice and consultative risk services to help best present your risk to the marketplace. But, then at the end of the day, we want to make sure we help our clients recover and work with the insurance carriers to get that policy proceed, that they feel like they've rightfully purchased through this risk transfer product. So, it's really amazing to me, communication process, lack of specialty resources. As we know, we've had lawyers on our team that specialize in both cyber policy wording and cyber claims response and advocacy.
We also have a policy wording attorney who works very closely with our brokers, in looking at policy language and making sure that we're really pushing the market for what we would consider, terms and conditions that exceed the general market standards. But, I think just those continued investments that we continue to make to me, was really sort of eye-opening and really stuck out when we were looking at and talking to these folks compared to conversations they were having with other participants. So, with that, we'll wrap up this session. Thanks again, CJ and John for joining us. For all those folks who are listening in, who took the time to meet with us while we're at the ABA, we really appreciate that. And for those of you that we didn't get a chance to spend some time with us, we'd be happy to do so at any time in the near future, whether it's in your offices or ours. Thank you all for listening. If you're interested in learning more about Alliant, you can visit our website www.alliant.com. That's it for now. We'll talk again soon.
Thanks for your message.
We’ll be in touch shortly.
Silicon Valley Bank (SVB) - Rebuilding Confidence in the Banking Industry
Ron Borys and Ryan Farnsworth are joined by guests, Steve Shappell and David Finz, to continue the discussion around the turmoil which has hit the banking industry over the past two weeks.
Financial R&R: Silicon Valley Bank Collapse - Immediate Takeaways and Next Steps
In light of the recent collapse of Silicon Valley Bank, Ron Borys and Ryan Farnsworth, Alliant Financial Institutions, sit down with Steve Shappell, Alliant Claims & Legal, to examine the implications of the second-largest bank failure in U.S. history.
Financial R&R: New York State Sharpens its Focus on Cybersecurity for Financial Institutions
New York’s cybersecurity regulation for financial institutions has become a role model for regulators nationwide. Earlier this month, the state’s Department of Financial Services proposed another round of amendments to these regulations.