Matt McCabe
Senior Vice President, Network Security and Privacy Practice
Marsh

Catherine Mulligan
Senior Vice President of the Management Solutions Group, Specialty Products
Zurich Insurance

Moderated by
Greg Rattray
Senior Fellow, Cyber Statecraft Initiative, Brent Scowcroft Center on International Security
Atlantic Council

Facing ever-expanding cyber threats, businesses are assessing various strategies to mitigate cyber risks. Insurance is positioned at the forefront of solutions emerging in information security and cyber risk management. The next Cyber Risk Wednesday will feature cyber insurance experts presenting on demand for insurance in responding to cyber risks, existing cyber insurance products and models, and costs and benefits of using insurance to tackle cyber threats. Following the presentations, a moderated discussion and Q&A session will further debate solutions to an evolving cyber threat landscape.

Cyber Risk Wednesdays brings experts from government and industry together with policymakers to examine topics at the core of the Cyber Statecraft Initiative’s study of interrelated cyber hazards and underlying concentrations of risks. The series is designed to expose stakeholders from the technology, policy, and risk management communities to vibrant new cyber topics and provide a venue for the exchange of ideas.

Unable to attend in person?
Follow the discussion live via webcast on the Atlantic Council website. Be part of the conversation and interact with the experts by submitting questions via Twitter at #CyberWednesdays.

Missed last Cyber Risk Wednesday?
The launch event addressed systemic cyber risks and their implications on the future of the internet. The video and summary are available here.

About the Project
Even as more companies and governments are increasingly critically exposed to cyber risks, there has been little thinking on systemic cyber risks.  In some ways, this is strikingly similar to how the financial sector handled risks preceding  the 2008 crisis.  Prior to then, financial risks were assessed one organization at a time, not recognizing how a shock to one sector, US sub-prime mortgages, might cascade to take down everyone else, even those who didn’t own at-risk mortgages. Similarly, cybersecurity professionals follow the same method today, looking at cyber vulnerabilities one organization or one nation at a time, without looking at the systemic risks to the overall system. Strong security may not shield even the best-protected companies from cascading cyber shocks.