It is increasingly apparent that the cyber risk exposure of private sector entities is rapidly mounting, while mechanisms for assessing this exposure, managing it, and channeling some of the risk have yet to catch up. Moreover, some of the existing arrangements to underwrite cyber risks may not even be sustainable. A robust cyber insurance market could be both the beneficiary and the stimulant for far better cyber risk management.
Our four organizations are coming together to convene a high-level workshop in an effort to identify the key obstacles standing in the way of building a more mature cyber insurance market and to devise a strategy for addressing these obstacles. We aim to bring together under one roof for a day and a half diverse stakeholders from industry, government, and the NGO community to help develop a compass for moving ahead constructively on this front. Toward this end various stakeholders in the Israeli government are willing to explore how Israel could responsibly develop a beta site for testing the solutions identified by the workshop participants.
This workshop will convene key players – state regulators and cyber agencies, insurers and re-insurers, cyber risk quantification and modelling start-ups – in one place along with global big-thinkers from the relevant research and innovation fields. The aim will be to develop a compass for a true cyber insurance market progression. A genuine public-private partnership to jointly brainstorm in an intimate, closed-door workshop will allow key stakeholders to set holistic policy solutions for the challenges at hand.
The agenda of the workshop will cover the following issues:
- War exclusions, or what risks would cyber risks exceed insurers appetite for underwriting
- Backstopping mechanisms – what should be the threshold for state intervention and the modalities for doing so
- Risk assessments and monetization of cyber risk exposure
- Risk aggregation and the regulation for insurance carriers' solvency
- Models for information sharing and cooperation between states and insurers
- Cyber risk credit rating as complementary incentive for better cyber risk management.
Agenda (Day I)
December 3, 2019: Jerusalem Dan Hotel
17:00-17:10 – Welcome and Introductions
- Ariel E. Levite, Carnegie Endowment for International Peace
- Yuval Shany, The Federmann Cyber Security Center, The Hebrew University
- Shani Sharvit, Israeli National Cyber Directorate
- Eli Sugarman, Hewlett Foundation
17:10-19:00 – Session I: Between Wars and Cyber Wars (and other cyber offensives)
How does confrontation in cyberspace differ from classical wars? Where does insurance fit into the overall strategy for confronting cyber risk? How can coverage for warlike cyber risks be excluded and still leave insurance as a meaningful risk channeling mechanism for cyber risks?
- Security Policy Considerations: Igal Unna, Israeli National Cyber Directorate
- Thinking About the War Exclusion in Cyberspace: Jurgen Reinhart, Munich Re
- Open Issues and Dilemmas: Itai Benartzi, Israeli National Cyber Directorate
19:00 – Transportation to the Reception and Dinner
20:00 – Reception and Dinner at Modern – Israel Museum Jerusalem
22:00 – Transportation Back to the Hotel
Amit Ashkenazi, Israel National Cyber Directorate (INCD)
Asaf Lubin, Harvard Law School and The Hebrew University of Jerusalem
David Levi Faur, The Hebrew University of Jerusalem
Eli Touboul, Capital Markets, Insurance and Savings Authority
Gil Cohen, Tel Aviv University
Michal Shlomo, Menora Mivtachim Insurance Company
Monica Ruiz, Hewlett Foundation
Nick Beecroft, CyberCube
Noa Vider, Finance Division, Accountant General Office
Refael Franco, Israel National Cyber Directorate (INCD)
Robert Morgus, Cyberspace Solarium Commission, US Government
Udi Nisan, The Hebrew University of Jerusalem
Yael Goren Hezkiya, Israel National Cyber Directorate (INCD)
Yogev Gardos, Israel Ministry of Finance
See Also: Day II.