Future of Threat Intelligence

Marsh's Sjaak Schouteren on the Golden Rule of Risk Assessment

Listen Later

Cyber insurance has transformed from a liability-focused niche product into a comprehensive business continuity tool, but widespread misconceptions continue to prevent organizations from maximizing its strategic value. Sjaak Schouteren, Cyber Growth Leader - Europe at Marsh, offers David how they combine risk quantification with business-focused communication strategies that give security leaders the tools to speak board language about cyber threats.

Rather than the complex audit processes, modern cyber insurance acquisition can be remarkably streamlined. Sjaak's experience managing real-world incident response highlights how proper coverage creates strategic advantages beyond simple risk transfer, including immediate access to specialized negotiation teams and forensics experts who can extend decision timeframes during crisis situations.

Topics discussed:

  • How the 2020-2022 ransomware surge taught insurers that mid-cap companies were primary targets requiring comprehensive coverage.
  • The three-pillar structure of modern cyber insurance covering first-party losses, third-party liability, and immediate incident response services without deductibles for initial crisis management.
  • Why risk quantification through scenario analysis and financial impact modeling provides CISOs with the business language needed to communicate effectively with boards and C-suite executives.
  • How risk engineers from security backgrounds have eliminated technical translation barriers between IT teams and underwriters.
  • The strategic advantage of immediate incident response coverage that provides access to specialized forensics, legal, and negotiation teams within 48-72 hours of an incident.
  • Why organizations with cyber insurance actually pay ransomware demands less frequently due to professional negotiation teams and comprehensive recovery support.
  • The evolution from narrow data breach coverage to comprehensive business protection across all organization sizes.
  • The distinction between risk mitigation through security controls and risk transfer through insurance as complementary rather than competing strategies.

    • Key Takeaways: 

    • Conduct cross-functional scenario planning to identify business-critical cyber risks before evaluating insurance coverage options.
    • Map potential cyber incidents on a risk heat map measuring probability and impact to distinguish between minor inconveniences and threats that could damage business operations.
    • Quantify average and maximum financial losses for each business-critical scenario to make data-driven decisions about risk.
    • Leverage specialized risk engineers from security backgrounds during the underwriting process to eliminate technical translation barriers.
    • Engage professional ransomware negotiators rather than attempting internal negotiations.
    • Position cyber insurance as business enablement rather than just risk transfer by demonstrating how coverage strengthens overall cyber resilience.

      • Listen to more episodes: 

      Apple 

      Spotify 

      YouTube

      Website

      ...more
      View all episodesView all episodes
      Download on the App Store
      Future of Threat IntelligenceBy Team Cymru
      • 4.5
      • 4.5
      • 4.5
      • 4.5
      • 4.5

      4.5

      11 ratings

      More shows like Future of Threat Intelligence

      View all
      Global News Podcast by BBC World Service

      Global News Podcast

      7,709 Listeners

      WSJ What’s News by The Wall Street Journal

      WSJ What’s News

      4,353 Listeners

      WSJ Tech News Briefing by The Wall Street Journal

      WSJ Tech News Briefing

      1,637 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      638 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,023 Listeners

      The Daily by The New York Times

      The Daily

      112,342 Listeners

      Click Here by Recorded Future News

      Click Here

      415 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      8,010 Listeners

      Talkin' About [Infosec] News, Powered by Black Hills Information Security by Black Hills Information Security

      Talkin' About [Infosec] News, Powered by Black Hills Information Security

      94 Listeners

      True Spies: Espionage | Investigation | Crime | Murder | Detective | Politics by SPYSCAPE

      True Spies: Espionage | Investigation | Crime | Murder | Detective | Politics

      1,960 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      134 Listeners

      Security Matters by CyberArk

      Security Matters

      22 Listeners

      Bloomberg Tech by Bloomberg

      Bloomberg Tech

      60 Listeners

      Microsoft Threat Intelligence Podcast by Microsoft

      Microsoft Threat Intelligence Podcast

      22 Listeners

      Better Offline by Cool Zone Media and iHeartPodcasts

      Better Offline

      548 Listeners