The insurance industry, like other businesses, has come to realize it needs to do more to protect its companies, customers, employees and portfolios from cyber threats. Cyber-savvy professionals are in high-demand and are being scooped up by companies needing to protect their important information and business systems.
“Historically, the cybersecurity approach has been to build a big wall and put a moat around the castle to keep the bad guys out. I think what you are seeing is an increased recognition that nothing can be 100 percent secure and cyber resiliency and risk transfer are concepts increasingly accepted,” says David Kimmel, CEO of CyberRiskPartners, a company that provides decision-support cyber risk data analytics and risk transfer options to the insurance, risk management and cloud computing industries.
Kimmel says one of the biggest challenges with cyber risk for the insurance industry is that it is not a static risk – there can be dramatic fluctuations in response to technology and such issues complicate underwriting methodologies for insurers.
“A lot of underwriters are concerned about a ‘cyber hurricane.’ With ever-changing threat actors and vectors the difference between this and a weather hurricane that occurs in Florida is that a cyber hurricane can create problems around the world, not just in Florida,” he says. “There needs to be greater and greater cybersecurity and cyber event data to get the insurance industry more comfortable.”
In the Southeast, several colleges are at the forefront of recruiting and training students in their cybersecurity degree programs to bring more of these professionals to industries like insurance. Georgia Tech, Clark University in Atlanta, the University of South Florida and the University of South Alabama are among those providing cybersecurity education to hundreds every year.
Leaders of these programs say they see plenty of opportunities for their graduates to work with or for the industry in the development of cybersecurity products.
“The [insurance] industry is completely about risk and if they are going to venture into this new market they will need a better way to assess these risks and get the broad surface of what could happen and what the losses could be and how to assess the asset value,” says Dr. Randy Borum, professor and academic coordinator for Cybersecurity at the University of South Florida (USF) in Tampa.
USF’s cybersecurity master’s program is part of the statewide Florida Center for Cybersecurity – a statewide coordinated entity housed at USF that consists of several Florida colleges. The FCC was created and funded by the Florida legislature in 2014 to help Florida become a leader in recruiting, educating, training and employing cybersecurity professionals.
“If we can cultivate those people and create innovative solutions it will create more jobs and more companies will come to Florida,” says Borum.
In Mobile, Ala., the University of South Alabama (USA) recently became a National Security Administration designated National Center of Academic Excellence in Information Assurance/ Cyber Defense. The accolade is a prestigious honor that will help the University attract students who may not have otherwise come to the school or chosen another degree, says Dr. Alec Yasinsac, dean of the USA school of computing.