The risk function's role in preparing for a cyber-attack

24 November 2021

Scenario testing is a key tool in an insurer’s risk management armoury to prepare against a cyber-attack, according to Michael Hosking, chief risk officer for Gen Re International P&C.

Hosking will join a panel discussion on cyber risk and the role of risk management at InsuranceERM’s Insurance Risk & Capital EMEA virtual conference, which will take place on the 1st and 2nd of December.

Speaking to InsuranceERM ahead of the virtual event, Hosking said: “What we have done more recently is to try and enhance the depth to which that scenario testing is done by utilising tabletop exercises including the IT team, [and] working through the likely timeframes and decisions required during cyber events.

“The risk team can support the facilitation of that type of workshop approach and that is a really important role for us to play.”

He added: “We have been clear about what we think a realistic and plausible scenario is around a malicious cyber event, and then we test whether or not our expectations of process recovery times are within the business leader’s expectations.”

Hosking said there has been an increase in scale and sophistication of cyber-attacks since Covid-19 began and that trend looks set to continue.

“We have to collectively be more pro-active and agile in relation to security defences to mitigate that heightened risk.”

Metrics for identifying the source and scale of threat indicators are therefore very important, said Hosking.

“As part of our IT security group, we look at metrics around penetration testing, both internally and externally, and a metrics associated with attempted ransomware attacks and threat actors.”

Third-party risk and its vulnerability to a potential cyber-attack is an area Hosking’s team also closely monitors.

He comments: “Increasing the depth of due diligence and direct assessment of third parties should be an area of consideration. Utilising third parties in order to do some of that work may be a solution, where varying depths of penetration testing can be applied.”

To register for InsuranceERM’s Insurance Risk & Capital EMEA virtual conference click here. The agenda and full list of speakers can be found here.