Skip to content

Cyber Insurance News

The Leading Source for Cybersecurity Insurance News, Insights and Data

Marsh McLennan and Zurich Call for Public-Private Collaboration to Tackle Cybersecurity Gaps

Posted on September 5, 2024September 5, 2024 By Martin Hinton

Throughout history, governments and private sectors have joined forces to manage threats that surpass the capacity of either to handle alone. From pooling resources to address nuclear risks under the U.S. Price-Anderson Act of 1957, to the establishment of the National Flood Insurance Program in 1968, and the Terrorism Risk Insurance Act following the September 11 attacks, public-private partnerships have proven essential in mitigating high-risk scenarios. In the face of rising cyber threats, Marsh McLennan and Zurich Insurance Group are calling for a similar collaborative approach to bridge the growing cyber protection gap and enhance societal resilience.

A newly released whitepaper from Marsh McLennan, a leader in risk management, and Zurich Insurance Group, a global provider of resilience services, urges governments and the private sector to work together to address the increasing risks posed by cyber threats, particularly for small and medium-sized businesses (SMBs) that often remain uninsured or underinsured. Titled Closing the Cyber Risk Protection Gap, the paper highlights the urgent need for innovative approaches to mitigate these evolving risks.

What follows is our takeaway; you can read the full report here.

Growing Threat of Cyber Attacks

Cyber threats, including ransomware and mass cloud outages, have outpaced traditional insurance and risk management solutions. According to the whitepaper, mass malware and cloud outages are still considered insurable up to a certain level of financial loss. However, critical infrastructure failures, such as power outages or financial market disruptions, are generally deemed uninsurable due to their potential to cause catastrophic damage.

The report highlights alarming statistics: the global cost of cybercrime is expected to surge to nearly $24 trillion by 2027, up from $8.5 trillion in 2022. Furthermore, ransomware payments reached a record $1.1 billion in 2023, driven by increasingly sophisticated attack methods, including generative artificial intelligence (AI). As John Doyle, President and CEO of Marsh McLennan, puts it, “The severe threat presented by cyber risks requires collective action to bridge the protection gap.”

A Call for Innovative Solutions

The whitepaper emphasizes the need for innovative solutions and stronger public-private partnerships to close the cyber risk protection gap. It suggests establishing a common framework for data sharing, fostering greater collaboration between the insurance industry and the public sector, and encouraging the development of innovative insurance products to tackle insurable and uninsurable cyber events.

Mario Greco, CEO of Zurich Insurance Group, reinforces this need for collaboration: “Large-scale, catastrophic cyber events present substantial accumulation risks that cannot be borne by the private sector alone. Therefore, enhancing cyber resilience is vital to addressing this protection gap.”

To achieve this, the report proposes creating robust incentives as an alternative to further regulation. These incentives could include methods to measure and manage both quantifiable and unquantifiable cyber risks through public-private partnerships. The aim is to sustain the broader economy and create capacity for the insurance market to support society against severe financial risks.

The Role of Public-Private Partnerships

The whitepaper identifies several key areas where public-private partnerships could make a significant impact:

Strengthening Cyber Resilience: Raising awareness and educating organizations about cyber risks, offering subsidies for cybersecurity investments, and sharing structured data. Cyber resilience can reduce pressure around catastrophic risk issues, enabling economies to better withstand and recover from cyber incidents.

Addressing Quantifiable Catastrophic Cybersecurity Risk: While some catastrophic cyber risks can be quantified and insured, events surpassing a certain financial threshold may exceed the capacity of the traditional insurance market. The report suggests that a public-private partnership could help manage these scenarios by pooling resources and expertise.

Managing Unquantifiable Cyber Risk: For risks deemed uninsurable due to their unpredictable nature, such as state-sponsored cyberattacks or critical infrastructure failures, the report calls for collaboration between governments and insurers to create new risk management frameworks.

Real-World Examples and International Efforts

The report points to existing models of public-private collaboration, such as the Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) in the United States, which aims to understand effective security controls and improve data sharing between insurers and government entities. In the UK, recent government papers have highlighted the need to prioritize ransomware as a political issue. At the same time, the European Union’s Digital Operational Resilience Act mandates robust ICT risk management processes.

The paper also compares the need for a public-private approach in cyber risk management to other high-risk domains where government intervention has been crucial. For example, the U.S. government’s Price-Anderson Act covers liability claims from nuclear power plant accidents, and the National Flood Insurance Program provides affordable flood insurance by improving insurers’ reinsurance options.

Creating a Framework for Cyber Resilience

The whitepaper proposes a comprehensive cybersecurity framework involving the private sector and governments to address these challenges. This framework would focus on enhancing cyber resilience, ensuring widespread accessibility and affordability, and leveraging insurers’ risk management and distribution expertise. Additionally, it would aim to maintain risk-oriented pricing to avoid misaligned incentives.

The report emphasizes the importance of overcoming existing obstacles to data sharing, including legal constraints and the lack of standardized incident terminology. Effective collaboration between the public and private sectors could help close these gaps, ensuring a more resilient response to future cyber threats.

A Call to Action

Marsh McLennan and Zurich Insurance Group’s whitepaper serves as a wake-up call for policymakers and industry leaders. As cyber threats continue to escalate, it is clear that traditional risk management approaches are no longer sufficient. The hope is that greater collaboration and innovation will only close the cyber risk protection gap and safeguard society against potentially catastrophic cyber events.

Both organizations urge stakeholders to act now, fostering partnerships to enhance cybersecurity maturity and resilience. The whitepaper presents a critical roadmap for addressing the growing cyber threat landscape and ensuring a secure digital future for businesses and economies worldwide.

Source: Closing the cyber risk protection gap.

Other News: Ransomware Crisis Worsens in 2023: Calls for Urgent Action to Ban Payments – Report(Opens in a new browser tab)

Other News: FBI Issues Urgent Ransomware Attack Warning—Do These 3 Things Now.

Cyber Insurance, Cybersecurity Report Tags:cyber insurance, Cybersecurity, Marsh McLennan, public private partnership, Zurich Insurance

Post navigation

Previous Post: A Hurricane of Cyber Insurance – Report
Next Post: Resilience Strengthens Leadership for Today, While NetDiligence Builds Talent Pipeline for Tomorrow

Related Posts

  • The Grand Jury Says: Get Cyber Insurance Cyber Insurance
  • Upfort: The New Face of Cyber Security and Insurance Cyber Insurance
  • SecurityScorecard and Willis Partnership: A New Move in Cyber Risk Strategy Cyber Insurance
  • Investment Companies/Advisors Face New Proposed SEC Rules on Cyber; Likely to Increase Demand for Cyber Insurance Cyber Insurance
  • Some IT Pro’s Confused About Their Cyber Insurance: InformationWeek Survey Cyber Insurance
  • Cohesity Report Highlights Overconfidence in Cyber Resilience Amid Rising Threats Cybersecurity

Get the Cyber Insurance Newsletter

Receive weekly updates on the top news on cyber insurance.

Cyber Insurance News

Cyber Insurance News
In this clip from our latest podcast episode, Dan Candee, CEO of Cork Protection, dives into a critical topic that hits close to home: Cybersecurity for Main Street businesses.

🛡️ With a background in enterprise-level cybersecurity on Wall Street and a personal connection to small business through his family, Dan shares why Cork focuses on protecting small and mid-sized businesses from rising cyber threats.

🚨 "The threat actors are getting better, and they're coming after Main Street more and more."

👉 Discover why Main Street is being underserved in today's digital threat landscape and how Cork is filling that gap with a unique value proposition.

🔗 Learn more about Cork: corkinc.com
🎧 Full Podcast Episode: www.youtube.com/@CyberInsuranceNews/podcasts

📣 Don't forget to LIKE, SUBSCRIBE, and hit the 🔔 notification bell so you never miss a powerful conversation.

#Cybersecurity #SmallBusiness #MainStreet #DanCandee #CorkProtection #TechForGood #SMBs #PodcastClip #CyberThreats #BusinessSecurity
Cybersecurity for Main Street: Dan Candee on Protecting Small Businesses | CEO of Cork Protection
SMB Cyber Threats - In this episode of the Cyber Insurance News Podcast, host Martin Hinton talks with Dan Candee, CEO of Cork Protection, about the rising tide of cyber threats targeting small and mid-sized businesses (SMBs). Dan shares his journey from Main Street entrepreneur to cybersecurity leader, offering real-world insight into the threat landscape, financial vulnerabilities, and how AI and managed service providers (MSPs) can help fortify business resilience.

We explore:
• Why Main Street is more vulnerable than Wall Street
• Common SMB cybersecurity blind spots (like ACH fraud)
• The evolving role of managed service providers
• How Cork Protection blends cybersecurity and cyber insurance
• Real-world attack case studies and practical advice for SMBs

Whether you’re a small business owner, MSP, or cyber pro, this episode unpacks how to prepare, prevent, and protect your organization in today’s digital world.

📌 Topics: cybersecurity, cyber insurance, social engineering, SMB protection, ransomware, AI in security, MSPs

🎙 Guest: Dan Candee, CEO of Cork Protection
📢 Host: Martin Hinton, Executive Editor, Cyber Insurance News

👉 Don’t forget to like, comment, and subscribe for more insights on cyber insurance and digital defense!

#CyberSecurity #CyberInsurance #SMB #AI #CyberPodcast #BusinessResilience #smallbusiness #sme
00:00 Introduction - Dan Candee and Cork Protection
02:27 The Importance of Cybersecurity for Small Businesses
05:29 Understanding Cyber Threats and Their Impact
08:26 The Role of Managed Service Providers in Cybersecurity
11:24 24Financial Protection and Cyber Insurance Solutions
14:01 Leveraging AI in Cybersecurity
16:53 Navigating Cyber Insurance Policies
19:56 Empowering Small Businesses with Knowledge
21:52 The Future of Cybersecurity and Community Resilience
26:05 MSP/ MSSP The Lingo decoded
29:05 Finals Thoughts and a bit of Hope!
SMBs Are Cyber Targets | Dan Candee on Cyber Resilience & AI | Cyber Insurance News Podcast EP#6
Cyberattack on Small Business is on the rise—and AI is making it worse. In this episode of the Cyber Insurance News Podcast, host Martin Hinton sits down with William Altman of CyberCube to unpack how AI is enabling threat actors to more efficiently target and exploit small businesses.

🔐 From credential stuffing to brute force attacks, William explains how cybercriminals use AI to bypass login portals and MFA solutions—putting millions of small business owners at risk.

🎙️ Timestamps:
0:00 - Introduction
6:26 - William Altman on AI and threat actors
6:50 - Credential stuffing, brute force & reused credentials
10:00 - What small businesses can do right now
14:20 - The future of AI in cybercrime

🎧 Don’t miss this crucial update on the cybersecurity landscape for small businesses. Subscribe and stay informed.

#cyberattack #smallbusiness #AI #cybersecurity #CyberCube
Cyberattack on Small Business: How AI Supercharges Cyber Threats | William Altman @CyberCube"
Load More... Subscribe

Categories

  • 8-K
  • AI & Cyber Insurance
  • AI & Cybersecurity
  • Critical Infrastructure cyber insurance and security
  • Cyber Cat Bonds/Cyber Catastrophe Bonds
  • Cyber Insurance
  • Cyber Insurance APAC
  • Cyber Insurance Best Practices
  • Cyber Insurance Captive
  • Cyber Insurance Carriers & Brokers
  • Cyber Insurance Claims
  • Cyber Insurance EU
  • Cyber Insurance Financial Institutions
  • Cyber Insurance for Government
  • Cyber Insurance for Healthcare
  • Cyber Insurance for Schools
  • Cyber Insurance for SMEs/SMBs
  • Cyber Insurance For Startups
  • Cyber Insurance for Utilities
  • Cyber Insurance Geographic Markets
  • Cyber Insurance Industry Groups
  • Cyber Insurance Investments and M&A
  • Cyber Insurance Jobs
  • Cyber Insurance Laws & Regulations
  • Cyber Insurance Litigation
  • Cyber Insurance Market Size
  • Cyber Insurance MENA
  • Cyber Insurance News & Information Podcst
  • Cyber Insurance People
  • Cyber Insurance Policies & Strategies
  • Cyber Insurance Premiums
  • Cyber Insurance Reports
  • Cyber Insurance Settlements
  • Cyber Insurance Sunday – Upload
  • Cyber Insurance Systemic Risks
  • Cyber Insurance Tech
  • Cyber Insurance Threats
  • Cyber Insurance UK
  • Cyber Insurance Underwriting
  • Cyber Insurance Wholesaler
  • Cyber Regulations
  • Cyber War Exclusions
  • Cybersecurity
  • Cybersecurity and Credit Ratings
  • Cybersecurity for SMBs
  • Cybersecurity in Education
  • Cybersecurity Investment
  • cybersecurity jobs
  • cybersecurity M&A
  • Cybersecurity people
  • Cybersecurity Report
  • Cybersecurity Training
  • Department of Homeland Security
  • EU Cybersecurity
  • Insurance Linked Securities/ILS
  • Insurance Loss Warranty contract/ILW
  • Managed Service Providers
  • National Association of Insurance Commissioners' (NAIC) model cybersecurity law
  • Non-criminal Claims/Non-Malicious Claims
  • Opinion/Commentary
  • Personal Cyber Insurance
  • Personal CyberSecurity
  • Ransomware Insurance
  • Reinsurance
  • Risk Modeling
  • SEC Cyber Disclosure Rule
  • Small Business
  • Supply Chain Cybersecurity And Insurance

Send Ideas, Requests & Comments




    Tags

    AI AI in Cybersecurity Artificial Intelligence At-Bay Beazley CFC Chubb Cloud Security Coalition Corvus Cowbell Cowbell Cyber crowdstrike cyber attack Cybercrime CyberCube cyber insurace cyber insurance cyberinsurance cyber insurance for small businesses Cyber Insurance Market Cyber liability Insruance cyber liability insurance cyberliabilityinsurance Cyber Resilience Cyber Risk Cyber Risk Management cyber security Cybersecurity cybersecurity insurance Cyber threats Data Breach Data Breaches Howden Lloyds Marsh Microsoft personal cyber insurance phishing Ransomware Ransomware Insurance Resilience Risk Management SecurityScorecard small business
    • Cyber Insurance Books
    • Cyber Insurance Reports & Documents
    • Cyber Insurance Acronyms/Terms
    • Cyber Insurance Companies: Carriers, Brokers & Vendors
    • Industry Response: Potential Federal Insurance Response to Catastrophic Cyber Incidents
    • Ransomware Insurance
    • How Much Is Cyber Insurance?
    • Considerations for Buying Cyber Insurance
    • Cyber Liability Insurance Near Me
    • Cyber Insurance Quote
    • Newsletter
    • Legal Analysis & Full Text of 2023 SEC Rule: Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure
    • Glossary
    • About Cyber Insurance News
    • Privacy Policy

    • Cybersecurity Jobs 2025: EC-Council’s $100M Bet on Innovation Amid Workforce Burnout Cyber Insurance Jobs
    • NordVPN Adds Insurance To Its Arsenal And Yours Cyber Insurance
    • NetDiligence Cyber Claims Study – The Rising Tide of Cyber Risks Cyber Insurance
    • The “Ransomware Business Model”  Cyber Insurance Carriers & Brokers
    • Arctic Wolf Unveils Cyber Resilience Assessment Tool to Enhance Business Insurability and Security Cybersecurity
    • Converge Cyber Insurance Expands – New Underwriting Capacity from Obsidian Cyber Insurance
    • Tech + Cyber Insurance: Password Manager NordPass Partners With Cowbell Cyber Insurance Best Practices
    • AXIS Capital Bolsters Cyber Insurance Leadership with Appointment of Simon Dejung as Chief Underwriting Officer Cyber Insurance

    Related Cybersecurity Sites

    http://www.whatiscyberliability.com

    https://www.whatiscyberinsurance.com

    http://www.ddosattacktutorial.com

    http://www.ransomwareremovaltool.com

    Our Privacy Policy: https://cyberinsurancenews.org/privacy-policy/

    Copyright © 2024 Cyber Insurance News.

    Powered by PressBook Premium theme