Asaf has started his cyber career as a soldier in the intelligence corps of the Israeli Defense Forces. For most of his military service, Asaf took charge as a commander of a Security Operation Center (SOC) which was responsible for the monitoring of cyber attacks against the internet infrastructure of the IDF. For his work as a commander, Asaf has received a certificate of excellence on behalf of the head of the Intelligent Corps. Asaf is now the Co-founder and a CTO for the Cyber Insurance Academy.
1. What is the Cyber Insurance Academy?
The Cyber Insurance Academy is a 24/7 online academy designed for
insurance companies who are looking to expand their employees cyber knowledge in the field of cyber insurance.
Cyber Insurance is the fastest growing product in the insurance industry, and despite the fact that it is still a “young” and developing product, it is regarded by many in the insurance industry as the leading risk any business is facing today.
Insurance companies and brokers ,all over the world, fully understand the importance of cyber policy as part of a company’s robust security posture. Unfortunately, the companies themselves don’t fully understand it, and this is where the insurance industry needs to step in.
The biggest hurdle to the development and implementation of cyber insurance is the leak of education among insurance professionals; the insurance industry should be well acquainted with the “cyber language”, and the cyber products it is offering to clients.
This educational gap eventually affects the ability of insurance personnel to sell policies. Nonetheless, it affects the ability to properly underwrite and price cyber policies.
The Cyber Insurance Academy will transform insurance professionals to become cyber champions. Upon graduation they will know the “cyber language”, and will acquire the confidence and ability to talk to technical leaders such as CIOs and CISOs.
2. Can you please elaborate about the cyber insurance product and the industry?
In a nutshell, cyber insurance is a risk transfer mechanism for cyber related risks.
Companies will never be completely protected; Even top tier companies, which invest millions of dollars in their cyber security, are still left exposed. For example, in July 2020, Twitter had experienced a cyber incident which came from an unexpected path – two of the attackers claimed that they bribed a Twitter employee in order to access the internal system. Thus, every company has their own unavoided residual cyber risk, which should be transferred to the insurance company.
Unlike traditional insurance policies, which usually compensate the insured only financially, cyber policies usually provide a unique offering; not only that it compensate financially, it also includes the service of an active Incident Response Team (IRT).
The IRT, which is made of technical, legal and PR experts, will be there, by the client’s side, to support and assist in managing a cyber incident.
The cyber insurance industry is growing rapidly. The market size was valued at $4,852.19 million in 2018 and is projected to reach $28,602.10 million by 2026, growing at a CAGR of 24.9% from 2019 to 2026.
3. Why is cyber insurance different from traditional insurance?
While this product presents a huge opportunity for the insurance market, the cyber policy is still considered quite challenging.
One of the most prominent challenges is the distinctive terminology; most traditional insurance products are addressing well known topics which are part of our daily lives andinsurance professionals are well acquainted with those matters.
Nevertheless, when it comes to cyber insurance, most insurance professionals do not have the required fundamental technical terminology and understanding of those new emerging risks, and as a result they shy away from dealing with them.
Moreover, most of the discussion in other insurance products is conducted in front of CEOs, COO, CFO or risk managers. However, in cyber insurance the professional discussion is conducted in front of a CISO/CIO or other IT professionals, and the discussion naturally becomes quite technical. A cyber insurance person who is not familiar with the “cyber language”, won’t be able to conduct a productive meeting with these technical leaders.
In addition, the lack of statistical data and actuary makes the cyber underwriting process more difficult than usual, the nature of the risk is constantly changing, and there is a potential for it to become a global accumulated catastrophe.
4. What is the future of the Cyber Insurance Academy
Cyber incidents ranks as the most important business risk globally in the ninth Allianz Risk Barometer of 2020. This item of data, combined with the fact that cyber insurance is the fastest growing product in the insurance industry, clearly indicates that this is the future, and we will be the ones educating the industry.
The cyber insurance academy’s objective is to bridge the gap by delivering cyber knowledge to insurance professionals, and by that, help improve the cyber insurance market as a whole.
Another key mission of ours, is to help spread the product, and demonstrate its importance as part of a robust cyber security posture.
In the context of the future, it is important to understand that the cyber risk is an ever changing one, therefore, insurance professionals must stay up to date, both on cyber developments and insurance developments.
We plan on helping them do that through robust educational activities that include: webinars, podcasts, weekly newsletter, insurance case studies, cyber incidents updating, and many more.
5. What is the startup scene in Israel and how has that helped your company?
Israel is the “startup nation”, and it is not a cliche. There is an israeli startup ecosystem that is being expressed by the following facts; One startup for every 1800 Israelis, #2 in absolute number of startups (US is #1) and VC investment per capita is 2.5 times over the US and 30 times Europe. Naturally, we were inspired by the israeli entrepreneurial spirit.
Regarding the insurance startup community – there are dozens of israeli startups that I truly believe will significantly change the world of insurance. There are solidarity relations between industry’s startups, and we often support each other.
We would like to thank Asaf for speaking with us.