Cyber Risks and Their Threat to Finance With Omar Refaqat

In this episode of CHATTINN CYBER, Marc Schein interviews Omar Refaqat, Senior Manager of Crowe’s Cyber & Risk Consulting Practice. Omar has extensive experience working as a #Telecom and Networks Engineer at several successful companies before venturing into cybersecurity.

Omar’s chats about his engineering background which gave him a solid foundation to understand today’s threats, technologies, and opportunities.

Credit card fraud, email fraud, hybrid attacks, and sim spoofing are the different types of attacks increasing every passing day. Omar explains  simspoofing is the technique used to defeat MFA multi-factor authentication. In this type of #fraud, attackers redirect the messages or #data from your phone’s sim to their phone so that the authentication code you’re supposed to receive in your phone goes directly to them.

Cryptocurrency and blockchain adoption has exploded.  We chat about why there’s so much trust around the two technologies and why people are increasingly drawn to them.

Highlights:

“What we’ve seen over the last decade or so is really a convergence between that and cyber threats and cybercrime.”

“It’s interesting that it’s really a push-pull effect. The banks, central and insurance and credit unions are moving in this direction, but the cloud providers are finally also waking up to the fact that they have this huge industry out there that really wasn’t that excited about their products and services.”

“And that’s the basic technology underlying cryptos. Think of this as a distributed ledger where you don’t need an intermediary to provide that trust. And it’s really that everybody has access to it, you can see what everyone else is doing. And that’s where the trust comes from.”

“What we have seen from our perspective as an accounting firm, we have a risk practice, we have a consulting practice, we have a fairly large audit practice as well. All these things tying together security can no longer be treated as siloed service or applicant application.”

“The way we work with our clients is, as we said, we start with really helping them from the advisory perspective, from a consulting perspective in doing risk assessments, understanding where the technology risks lie in helping them put together those in various programs to help build controls mitigate the risk to the extent that they want to and they need to, and then come in as retirement as an audit practice and make sure that, that ethical framework is is compliant and effective.”

Time-Stamps:

[01:17] – Omar shares his life’s story with us

[03:44] – Omar shares about his time in the finance industry and the convergence of finance and cyber crimes

[06:43] – What is sim spoofing?

[15:15] – What technologies can financial services industries make use of?

[25:38] – Why technology can no longer be seen as a siloed type of service

Connect with Omar:

LinkedIn: https://www.linkedin.com/in/omarrefaqat/

 

 

 

 

 

 

 

 

 

 

 

Brian Warszona’s journey through the cyber insurance industry

In this episode of CHATTINN CYBER, Marc Schein interviews Brian Warszona, UK Cyber Deputy Practice Leader at Marsh McLennan. Brian has over a decade’s worth of experience in the cyber insurance space and has, over the years, shifted from the carrier side to the broker side of the industry.

Brian started his career working with Marsh in Chicago for six years. He then worked as an underwriter at Chubb for two years. Later, Brian helped create the Chicago office for another brokerage firm, before landing his current job at Marsh McLennan.

Brian discusses why shifting from the carrier side to the broker side gave him a whole different perspective on the industry. He could talk about risk in a way that would make it more efficient for both the company and the client. He was creating solutions and bespoke policies for the clients.

Brian explains in detail the terms underwriter and syndicate and how they function in cyber insurance. He also distinguishes an underwriter’s role at Lloyds and in the States and explains his preferences across the geographies. According to Brian, a syndicate has to report back into Lloyds about what they’re doing from a financial stability side of things.

We also discuss the impact of COVID in the industry. Brian shares that from a coverage standpoint, nothing has changed in the pandemic. But there have been revolutionary changes elsewhere. COVID has not only affected Lloyds but also changed the way clients deal with businesses. They don’t have in-person underwriting meetings with syndicates and underwriters from the syndicates so frequently today.

Towards the close of the episode, we talk about Brian’s article on human-capital management regarding cyber risk and discuss the points to keep in mind while identifying suitable vendors.

Highlights:

“I think it’s [the pandemic] allowing us to be a little bit more connected. In some cases, we probably have too many zoom meetings because of it. But on the flip side, we actually have a lot of communication going back and forth, whether it be through zoom teams, or instant messages or wherever it might be.”

“From an analytic standpoint, to the corporate side of things, I really wanted to be in that room with the client talking about, here’s what we can do here. And here’s all the different solutions.”

“I don’t think we can go through a cyber conversation around the market if we didn’t talk about ransomware.

Time-Stamps:

[00:58] – Brian discusses his journey in the cyber insurance industry

[02:21] – Brian shares why he decided to shift from the carrier side to the broker side of the business

[03:35] – Discussing the London insurance mentality

[05:30] – Explaining the terms syndicate and underwriting

[06:39] – The influence of the pandemic in revolutionizing work practices

[08:54] – Talking new requirements in London based carriers

[10:18] – Human Capital Management with regards to cyber risk

[14:59] – Identifying suitable vendors

 

Connect with Brian:

 

LinkedIn: https://www.linkedin.com/in/brian-warszona-36891b12/?originalSubdomain=uk

 

 

 

Cyber Insurance And The Pivots In Underwriting – An interview With Meredith Schnur

In this episode of CHATTINN CYBER, Marc Schein interviews Meredith Schnur, Managing Director and US Cyber Brokerage Leader at Marsh USA, Inc. Meredith offers actionable insights.

Meredith talks about progression in the cyber insurance space. Underwriting and brokerage today look a lot different from how it was in the past. In terms of negotiating arrangements with your clients, bigger always means better. Hence, you cannot survive without developing personal relationships with your clients.

We also learn the challenges that the cyber insurance industry faces – the most substantial challenge being underwriting. It’s not the strategies but the implementation of the strategy that is turning to be demanding. Also, the amount of information that clients have to supply to the underwriting community has undergone a dramatic shift. Hence, the challenge lies everywhere, from allocating resources, getting the right people to the table, answering their questions, understanding the cyber risk profile of an organization, and communicating that to the underwriting community.

Meredith also talks about the common misconceptions around cyber insurance. Clients are still unaware of the amount of underwriting and required information that needs to be supplied at any time. Hence, price hikes are not as welcome to them as we might require.

Speaking about where the future of cyber insurance is, Meredith, says it is undoubtedly in a sustainable and healthy market. For that to take place, stabilization is needed. In the next-generation training program organized by Marsh, building networks and coming out of your comfort zone is vital. Programs like the Track program and Cyber mentorship program help young minds receive adequate mentorship and support.

To part with, Meredith provides advice and guidance to the next generation of insurance professionals who are hoping to get into this field. If risk management truly thrills you, then it is highly recommended that you choose this field!

Quotes:

“From the late 90s to mid-2000s, we called it Network Security and Privacy because that was what it was. We were protecting the network and the overall adoption of this term cyber.”

“If you can’t truly understand the purpose of the policy and the intent of that policy, make sure we understand what the words really mean and what they say.”

“However, if you don’t have the ladder, the second part of being able to truly understand the art of relationship building, technical nature, and how to actually work with all different shapes, sizes, and each deal specifically, you can’t have it.”

“I think the largest challenge that we’re having, even with our largest clients, is the very sharp pivot in underwriting.”

“Sustainable healthy market is what I foresee in five years time. A sharp pitch pivot is needed and required in order to do that, along with stabilization.”

“It is completely underestimated how important having mentors in the business is. It is completely underestimated how to build a network and what building a network can do for your career and for your comfort level. It actually teaches you how to be comfortable in the uncomfortable.”

Time-Stamps:

[03:56] – While negotiating with clients, does bigger mean better in terms of leverage?

[06:07] – Challenges in today’s marketplace.

[08:32] – Misconceptions clients have about cyber insurance.

[13:02] – Next-gen training at Marsh to create future leaders in insurance.

[16:14] – Advice to young folks hoping to get into cyber insurance.

Connect with Meredith

LinkedIn: https://www.linkedin.com/in/meredithschnur