Privacy vs. Security: Navigating the Challenges of Cyber Risk with Ben Goodman

Summary

In this episode of Chattinn Cyber, Marc Schein is chattin’ with Ben Goodman, the founder and CEO of CyRisk, about the evolution of cybersecurity and the growing concern of privacy in the industry. Ben shares his background in technology and his experience working with companies to improve their security and compliance.

They discuss the increasing importance of privacy in the cyber risk landscape, with privacy settlements surpassing security settlements in recent years. Ben emphasizes the need for organizations to focus on pre-incident planning, training, and preparation to mitigate privacy risks effectively.

When discussing how carriers are handling privacy risks, he notes that carriers are still figuring out how to underwrite the risk in a soft market. He highlights the challenge of carriers not having access to comprehensive data and organizations themselves often being unaware of their own exposures. He suggests that carriers should focus on differentiating themselves and finding ways to underwrite privacy risks effectively.

They also touch on the different industries and technologies that are more susceptible to privacy exposures. Regulated industries, such as healthcare, are under scrutiny and face regulatory actions and fines. Advertising and marketing technologies also pose significant risks, and organizations should take steps to mitigate these risks.

Ben explains how CyRisk helps policyholders with privacy issues through their platform. They offer real-time detection of exposures, analysis of policyholders’ active policies for compliance, and provide detailed reports with recommendations. CyRisk’s privacy attorneys contribute to building out the platform and offering solid advice to policyholders.

Looking ahead, Ben predicts that privacy risks will continue to be a significant issue. He mentions the increasing use of micro-targeting AI and the potential challenges it poses in terms of privacy and bias. Governments and regulators will need to keep up with these developments to protect individuals’ privacy.

Overall, the interview covers various aspects of privacy risks in the cyber risk landscape and provides insights into how organizations and carriers can address these challenges.

Key Takeaways

  1. Privacy is becoming a major concern in the cyber risk landscape, with privacy settlements surpassing security settlements. Organizations need to prioritize pre-incident planning, training, and preparation to effectively mitigate privacy risks.
  2. Carriers are still grappling with how to underwrite privacy risks in a soft market. Differentiation is challenging, and the lack of comprehensive data and organizations’ limited awareness of their own exposures pose difficulties.
  3. Certain industries, such as healthcare, are under scrutiny and face regulatory actions and fines due to privacy breaches. Advertising and marketing technologies also present significant risks that organizations should address.
  4. CyRisk offers a platform that helps policyholders with privacy issues. It provides real-time detection of exposures, compliance analysis of active policies, and detailed reports with recommendations. Privacy attorneys contribute to the platform, offering solid advice to policyholders.
  5. The use of micro-targeting AI poses challenges in terms of privacy and bias. Governments and regulators will need to keep up with these developments to protect individuals’ privacy. Privacy risks are expected to remain a significant issue in the future.

Key Quotes

“The confluence of privacy risk in cyber insurance and the associated cyber risk… there’s the data leakage part of it, there’s real data breach exposure with this privacy risk.”

“Last year, 2022 privacy settlements actually exceeded security settlements by about 180 million.”

“The more that organizations could do from a pre-incident perspective, from a planning and training and preparation, I think the better off they are.”

“A lot of carriers don’t really see the data. They don’t know how to get that data… relying on questionnaires only goes so far.”

“Regulated industries are clearly under a microscope… they’ve already shown that they’re taking action not just with investigations, but with fines and penalties, millions and millions of dollars.”

About Our Guest

Ben Goodman is the Founder and CEO of CyRisk Inc., a leading cybersecurity and risk management company. Prior to founding CyRisk Inc. in July 2018, Ben also founded and served as Chairman of 4A Security & Compliance, a company focused on helping organizations achieve security and compliance.

In addition to his entrepreneurial ventures, Ben is also a faculty member at Drexel University’s LeBow College of Business, where he shares his expertise and knowledge with aspiring professionals in the field of cybersecurity. With a passion for solving complex technology problems and managing security and compliance components, Ben has dedicated his career to helping organizations navigate the ever-changing landscape of cyber risk.

Ben’s extensive experience and deep understanding of the industry have made him a sought-after expert in the field. He has been featured in various podcasts, conferences, and industry events, where he shares his insights on topics such as privacy, data breaches, and the future of cybersecurity. Through his work at CyRisk Inc. and his contributions to academia, Ben continues to make significant contributions to the field of cyber risk management.

Follow Our Guest:

LinkedIn

About Our Host

National co-chair of the Cyber Center for Excellence, Marc Schein, CIC,CLCS is also a Risk Management Consultant at Marsh McLennan. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.

Follow Our Host:

Website | LinkedIn