Cyber Insurance and
Risk Controls

11 - 15 May 2020 Songwe Mbeya - Tanzania

Next Workshop
21 – 24 July 2020 Johannesburg South Africa


Register Now! Limited Seats Available!

Tshs 800,000 for Local Delegates
$ 1,100.00 International Delegates

Course Overview

Insurance companies are facing new challenges with the increasing demand for policies to cover cyber incidents such as data breaches and business interruption. Traditional risk assessments are no longer enough to understand the business impact of a cyber-attack.

Cyber Value-at-Risk (CVaR) models have been proposed to quantify security incidents, but they are still quite limited in understanding the specifics of each company and quantifying the risk for a large number of feasible scenarios. A more holistic approach should be considered, but the lack of data and understanding of risks, makes it a challenging problem. In this workshop we will focus latest advances in the topic of cyber insurance, as well as case analyses that examine the effectiveness of current security controls.

Main Objectives

To discuss the state-of-the-art of the cyber security market and identify future trends and challenges in the cyber security insurance market, with a special focus on compliance with the new regulations and best practices to implement

Topics to be covered include, but are not limited to the following:

  • Cyber Insurance
  • Cyber Risk Assessment
  • Cyber Risk Propagation
  • Security Controls and Standards
  • Cybersecurity Metrics and their Measurements
  • Maturity Models and Frameworks
  • Cyber Value-at-Risk (CVaR)
  • Cyber Economics
  • Economics Approaches for Cybersecurity
  • Cyber Harm

At the end of the workshop the participants will be able to;

  • Understand Shifts & trends in the current cyber insurance market 
  • Learn how you can Perform effective Risk Assessment and Impact Analysis for your Prospects/Clients
  • Recognizing the Shared Responsibility Between the Cloud vendor and Cloud Consumer in times of a Security Failure and Liability and their implications for you as a Cyber Insurance Provider
  • Understanding how the Cyber Liability Insurance and Can Benefit the Different Client Categories – Explaining the Differences in First Party and Third-Party Coverage   
  • Developing an effective Risk Modelling Framework to Map the Cause of Losses to the Unique Coverage Frameworks
  • From the Clients’ Perspective – Understanding the Key Considerations When Purchasing a Cyber Insurance, What Seals the Deal?
  • Overcoming the lack of historical data on cyber incidents
  • Delivering reliable cyber claims & incident management services
  • Implementing effective incident response

Targeted Audience

  • Insurers/reinsurers
  • Underwriters
  • Brokers
  • Actuaries
  • Loss adjusters & claims managers
  • Risk managers
  • Cyber/IT lawyers
  • Insurance purchasers
  • CIO’s, CISO’s & CRO’s

Course Outline

The Cyber insurance in the Cyber Security Landscape: An Overview

Why every organisation needs cyber-risk assessments

  • What is a cyber risk assessment?
  • Why do we need to perform a cyber risk assessment?
  • Who should perform a cyber risk assessment?
  • How to perform a cyber risk assessment

Steps actually need to be taken in order to complete this cyber risk analysis.

  • Identify threat sources
  • Identify threat events
  • Identify vulnerabilities and the conditions needed to exploit them
  • Identify the likelihood such attacks would succeed
  • Identify the potential impact
  • Determine the risk posed

Cyber Risk Propagation

  • Risk Assessment
  • Infectious Disease Model
  • Information Security Risk Propagation Method for a Smart Grid
  • SEIR Infectious Disease Model

Cybersecurity Metrics and their Measurements

  • How Do You Measure Your Company’s Cybersecurity
  • What Metrics Should a Company Choose?
  • How is the Company Comparing to Peer Performance
  • What Steps Can a Company Take to Address Gaps in Performance?

Calls for an appropriate framework for cyber risk assessment, resilience and coverage.

The insurance sector has an important role to play in establishing good risk management practices and the associated coverage.

  • To raise awareness of businesses to the risks and losses that can result from cyber-attacks
  • To share knowledge of good cyber risk management practices
  • To encourage risk reduction investment – by establishing risk-based premiums
  • To facilitate responses to and recovery from cyber-attacks

Quantifying cyber risks and Covering cyber risks.

  1. Quantifying cyber risks

 A number of factors hinder the development of sound actuarial risk and cost assessment techniques, and consequently have a negative impact on the supply of insurance coverage for cyber risk:

  • The limited availability of data on past cyber incidents
  • The rapid pace of change in the nature of cyber risk
  • The uncertainty about the effectiveness of different security technologies in terms of risk reduction
  • The potential for accumulated losses
  1. Covering cyber risks

The coverage of cyber risks by the insurance industry is developing at a fast pace. Nevertheless, more work needs to be done in terms of products, services and risk transfer mechanisms

  • Is coverage responding to all of the needs of prospective policyholders?
  • Is there a consensus in the markets towards either providing coverage in standalone or traditional policies?
  • How can we provide greater clarity on coverage for purchasers

Shifts & trends in the current cyber insurance market

  • Explaining the shift in sectors that are newly purchasing cyber insurance
  • Meeting the markets coverage needs
  • How insurers can position themselves for future market growth

Overcoming the lack of historical data on cyber incidents

  • What strategies can we use to quantify cyber losses in the absence of data
  • How can we improve the availability of data to underwrite cyber risk
  • How do we respond when data becomes out-of-date as a result of the fast-evolving nature of cyber risk

Delivering reliable cyber claims & incident management services

  • Unpacking each stage of the cyber claims process
  • Determining the impact of the cyber incident on the business
  • Delivering ‘calm’ amidst the ‘angst’ engaging multiple stakeholders and panel of expert

Implementing effective incident response

  • How do we manage and measure business interruption and losses following a breach
  • What are the legal risks and how can we mitigate against them
  • Managing brand reputation and communication challenges

From the Clients’ Perspective – Understanding the Key Considerations When Purchasing a Cyber Insurance, What Seals the Deal?

Incident Response Scenario Session

Conducting hands-on cyber exercises can improve your incident response plans by building the capacity to successfully respond to, and recover from a significant cyber event. In this interactive session, work with our incident response experts to manage an incident from initial breach to conclusion.

Whilst BMK Training has core courses which we offer on an international basis to both companies and individuals, we also recognise that from time to time, your company may have specific training requirements that cannot be satisfied in a public training environment.

We can bring our Training/workshops directly to your workplace or we will customize training to meet your specific needs ensuring effectiveness in achieving real performance improvement.
If you have 8 or more delegates then, in house training can be of a greater advantage for your organization.

Advantages of in-house training include:

  • Cost savings up to 50% of the training expenses with more effective group training.
  • Training is confidential, allowing teams to discuss and work on real issues as trainers will usually sign confidentiality agreements.
  • In-house training encourages team building and better understanding of one another
  • Training is fully-customized for any team, department, or organization

For Registration and other Training arrangements
contact us on the detail below
SA Tel: +27 11 057 6001    /   TZ Cell: +255 688 032 910
WhatsApp +27 79 574 0389 /  Fax: +27 862 637 253