Skip Ribbon Commands
Skip to main content

Cyber Digitial Survival in the 21st Century

ACT News Meeting Edition - June 2019

ACT Meeting June 2019 ACT News.pngPresenter: Kevin Baker, Westfield


Ransomware is multibillion-dollar business. Same old crimes. Different methods. Unfortunately, you cant really count on law enforcement for cyber crime. Prevention is, therefore, crucial.


If you call yourself a risk manager, can you really not do well at cyber risk? It requires investment in people and will not be easy to prove ROI because you are trying to answer the question, What didnt happen?


Building a solid cyber-security program requires a series of steps. First, we have to know what we are threatened by. Then we need to ascertain what we can do to shut out or shut down those threats. Most cyber security starts with moats or firewalls that stop intruders from incursions in the first place. More-sophisticated programs increase protection through a layered method that blocks intrusion but responds if something harmful gets through.


Now, many larger companies can react very fast and shut an incursion down before serious harm is done. As a carrier, we dont trust any single control. It is the aggregation of many solutions that provides true security. We use artificial intelligence, automation and big data analysis to secure our systems and track hackers.


Attributes of a good information security program:

  • Is deliberate
  • Doesnt depend on a single defense
  • Assumes intrusion will occur
  • Automates detection and reaction
  • Moves away from signature-based technology toward behavior-based tech and then to AI
  • Doesnt allow security vendors to drive program strategy
  • Isnt a battle you can win by yourself


The NAIC Model Law for cyber security is gaining adoption by statesknow it and know your vendors. You are responsible. Remember, compliance doesnt produce security; rather, security will make you compliant.


We are going to have to share our experiences to beat cyber crime. The bad guys are sharing methods. Why arent we? Banks are, which makes them smarter. We need to also.


Technology is only part of the answer - Changing behavior is the major part.


Some carriers are taking steps to enforce cyber security. For example, Westfield is rolling out multifactor authentication for our new agency partners beginning this summer.

 From the Editor: Learn about InsuraShield here. Also, access more highlights from the May 2019 ACT Meeting here!  

​127 South Peyton Street
Alexandria VA 22314
​phone: 800.221.7917
fax: 703.683.7556

Follow Us!

Empowering Trusted Choice®
Independent Insurance Agents.​