Connect with us

Business

Rethinking cyber insurance and what to consider beforehand

Source: Finance Derivative

By Niall McConachie, regional director UK & Ireland at Yubico

To mitigate the potential reputational and financial implications of a cyberattack, CISOs should always be aware of emerging trends across the cyber threat landscape. With cyberattacks becoming increasingly powerful and complex, more and more organisations are considering cyber insurance – either for the very first time or for expanded coverage.

However, cyber insurance premiums are also becoming more costly, by 150-300 per cent in some instances. When approaching an insurer, applicants must do their due diligence before entering negotiations for better premiums on policies that will pay out in dire circumstances.

Considerations before opting for cyber insurance

Most cyber insurers operate by assuming that data breaches are rare events, and only pay out in the most critical cases. However, reports reveal that over 81 per cent of UK businesses were targeted by at least one cyberattack within the last year. With the increased volatility and frequency demonstrated by today’s cyberattacks, insurance providers have also increased the costs of their premiums, needing to offset surges in customer policy pay-outs. Cyber insurance pricing in the UK has consequently increased by 20 per cent thus far, and is only expected to rise.

The value of cyber insurance should not be underestimated, as policies can be a determining factor in ensuring the continuity of a business. However, insurance policies only help to recuperate financial losses following a cyberattack and do not offer cybersecurity preventative measures. Therefore, it’s the customer’s responsibility to implement the measures needed to thwart an emerging attack from the start.

Niall McConachie

Insurance applicants with proof of robust protections already in place will be offered a lower premium than other applicants, as they are less likely to make a claim soon after. Therefore, organisations looking to take out cyber insurance coverage should first consider these six factors to successfully prevent a cyberattack from occurring.

  1.       Protect the remote workforce

There are more employees working from home than ever before, on either a hybrid or fully remote basis. Subsequently, the decentralised security which resulted from these work models has caused the number of emerging attack vectors to soar. This has not been ignored by cyber insurers. Cybercriminals are not shy to prove just how advanced their attack capabilities truly are, with hackers no longer breaking in, but simply logging on via stolen login credentials. In fact, weak and stolen login details contribute to over 80 per cent of successful cyberattacks. Thus, CISOs must think beyond firewalls, web proxies, and data protection. Instead, robust multi-factor authentication (MFA) should be the way forward to ensure the protection of remote workers.

  1.       Be aware of policy changes

With customer policies, cyber insurers will avoid paying out large sums – or at all, if possible. To prevent this, it’s important to document the downtime and all losses from the first instance of a cyberattack or security-related event. Insurance providers will also want to reduce losses of their own. In doing so, insurers may allocate items of a protection policy into specific categories such as identity protection, hardware and system replacements, ransomware pay-outs, and losses due to downtime. Before, these categories would have been offered as one customer package. However, nowadays, it is customary for these items to be separated. This prompts insurance agencies to spread the risk through reinsurers, making cyber insurance policies even more difficult to navigate as a result.

  1.       Last-minute security initiatives

If an organisation needs cyber insurance quickly, there may not be enough time to go through a full round of security updates. Alternatively, organisations in these circumstances can implement quick cybersecurity initiatives to include in their applicant profiles. These last-minute initiatives can include improved cybersecurity measures, implementing MFA solutions, or enforcing business-wide cyber training.’

  1.       Execute a business-wide review

According to the US’s National Institute of Standards and Technology (NIST) Risk Management Framework, cyber risk evaluations must be scheduled regularly to review any internal and external threats. This process should incorporate a thorough assessment of all user permissions, including IT administrators and critical staff. It’s also important to decide what the most valuable data is and focus cybersecurity efforts on security breach cases that are most likely to occur.

Implementing business-wide MFA should be the minimum objective when performing a cybersecurity review. Following a thorough review, applicant organisations should share the detailed results with the insurer, as this will position the organisation more favourably to negotiate their coverage premiums.

  1.       Passing the insurer’s requirements

Most often, cyber insurers will require a cyber vulnerability evaluation by applicants to assess any existing security gaps and other possible concerns. As global governments continue to implement additional cybersecurity regulations, the use of usernames and passwords will no longer be enough to pass minimum cyber insurer requirements or new de facto industry standards. Previously, the minimum applicant requirement was met with just a CISO’s signature to verify that standards were being followed. This is no longer the case as insurance companies now require more exhaustive processes – especially when it comes to higher-risk or higher-liability policies.

  1.       Ensuring a policy pay out

It is important for applicants to follow best practices to ensure they have a complete understanding of what the insurance policy will involve and that their most critical assets are insured appropriately. Therefore, organisations should review all proposed insurance policies with the same amount of scrutiny as the insurer may have when assessing new customers.

Additionally, applicants should be wary of generic cyber insurance policies, as the insurer may have their own set of specific cyberattack scenarios, how they may occur, and what attack vectors they should be aware of. Here, enlisting the help of a qualified legal consultant familiar with cyber insurance policies can greatly benefit applicant organisations. With a consultant’s help, stakeholders can set their own specific cybersecurity vulnerabilities to be covered by insurance.

Organisations should only sign an insurance agreement with full confidence in their decision. Only once the specifics of the policy are understood and accounted for can the applicant organisation make an informed decision about which cyber insurance policy is truly right for them.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

Building thriving innovation hubs & startup ecosystems

By Gianna Pinasco

Building thriving innovation hubs and startup ecosystems matters because they serve as catalysts for economic growth, fostering collaboration, entrepreneurship, and the development of transformative solutions to societal challenges.

For the last 6 years, I have studied and worked with government, corporate, and academia partners to create and nurture innovation hubs and startup ecosystems — also known as entrepreneurial ecosystems. In this article, we will define these concepts and zero in on the key components for building thriving ecosystems that drive innovation and entrepreneurship.

What are innovation hubs and startup ecosystems?

Before we begin, we should clarify what is a) an innovation hub and b) a startup ecosystem. Sometimes, these terms are used interchangeably. Whilst they may be related, they are very different things.

Firstly, an innovation hub is a physical or virtual place designed to foster creativity, collaboration, and technological advancement, offering access to resources like mentorship, funding, and workspace.

In contrast, a startup ecosystem (also known as an entrepreneurial ecosystem) is an interconnected network that works together to nurture entrepreneurial development and societal growth. An innovation hub, for example, is only a small component of an entrepreneurial ecosystem.

The Building Blocks of an Entrepreneurial Ecosystem

At a basic level, most entrepreneurial ecosystems share six key interconnected elements that work independently and with one another to support entrepreneurs and drive innovation. These include:

Human Capital

Human capital is crucial for the success of an entrepreneurial ecosystem. Talented individuals bring expertise, creativity, and experience – essential for developing new ideas, solving complex problems, and scaling businesses. These drive skilled workforce, innovative entrepreneurs, and knowledgeable investors needed to drive growth and innovation.

By investing in and collaborating with universities, educational institutions, and training programmes that nurture desirable skills, you can develop skilled entrepreneurs and employees to secure a continuous pipeline of capable professionals to sustain the ecosystem’s dynamism and competitiveness.

For example, our team recently visited Kuwait to help launch the Kuwait Digital Startup Campus project. The project results from a public-private partnership aiming to nurture local talent to support the development of the Kuwaiti ecosystem. The project partners understood that Kuwait would need to invest in its human capital to achieve its vision of becoming a leader in finance and trade. This project will help to support the overall ecosystem by supporting the development of skilled entrepreneurs and employees.

Policy

Thriving entrepreneurial ecosystems require the implementation of policies that create a conducive regulatory environment for innovation. This necessitates the intervention of policymakers, regulators, and experts to formulate and implement suitable policies. Effective policies are typically designed to promote entrepreneurship, remove bureaucratic barriers, and provide incentives and support for startups (Stam & Spigel, 2016).

One can look to the UAE as an example of how progressive policies have helped it become a leader in developing and adopting innovative vertical take-off and landing (VTOL) technology. Last year, the UAE General Civil Aviation Authority published the world’s first national regulation covering vertiports’ design and operational requirements and the efficient and safe operation of VTOL aircraft. Looking ahead, the UAE can expect to roll out the world’s first air taxi services.

Finance

Access to financial resources and funding is critical for an entrepreneurial ecosystem as it fuels business growth and innovation. Startups need funding to develop products and services, hire talent, and scale operations. Adequate financial resources enable entrepreneurs to access critical capital streams to drive growth and navigate early-stage challenges.

Diverse funding options, including venture capital, angel investors, and grants, attract and retain startups. A major part of London’s success is due to its strength as a leading financial hub, providing access to venture capital (VC) firms, angel investors, banks, and other financial institutions. According to the Startup Genome, available VC funding for startups in London alone was $101 billion (2019-2023) compared to the global average of $4.6 billion. Additionally, the government’s startup loans scheme offers new businesses up to $31,500 per co-founder at a 6% interest rate.

Access to finance ensures that promising ideas can be transformed into viable businesses, driving economic growth, job creation, and technological advancements within the ecosystem.

Markets

Market access is vital for thriving startup ecosystems. It enables startups to connect with potential customers, suppliers, and partners. A healthy ecosystem facilitates these connections, providing opportunities for startups to gain traction and scale. For example, large corporations within the ecosystem can become key customers, suppliers, or partners, offering valuable resources and market reach.

Further, access to local and international markets ensures startups can grow, innovate, and compete globally, driving economic growth and sustainability within the ecosystem. London does this well, offering access to potential customers, suppliers, partners and other resources and connections needed to grow and succeed. This market access ultimately fosters a vibrant environment where startups and entrepreneurs can thrive and succeed.

Culture

Culture is another vital component in building a thriving entrepreneurial ecosystem as it shapes societal attitudes towards entrepreneurship. A supportive culture values innovation, risk-taking, and learning from failure, encouraging individuals to pursue entrepreneurial ventures. It fosters an environment where role models and success stories inspire aspiring entrepreneurs.

A strong network of experienced entrepreneurs also provides mentorship and guidance, helping new startups navigate challenges. This positive cultural foundation attracts talent, investment, and collaboration, creating a dynamic and resilient ecosystem where startups can flourish and contribute to economic growth and innovation.

Ecosystems like Silicon Valley in the USA, London in the UK, and Dubai in the UAE owe a great deal of their success to having cultivated cultures conducive to entrepreneurship, providing support and incentives for entrepreneurs and innovators, encouraging risk-taking and the ability to learn from failure, making them leaders in the development and adoption of several groundbreaking technologies.

Support Systems

Support systems within an entrepreneurial ecosystem encompass a wide range of resources and services that facilitate the growth and success of startups. Key supports include access to innovation hubs such as incubators, accelerators, and coworking spaces, which provide essential infrastructure, mentorship, and networking opportunities.

It also refers to university availability and professional services like legal, accounting, and marketing which are crucial for startup development and growth. Likewise, educational and training programs on entrepreneurship offer valuable knowledge and skill development, empowering entrepreneurs to innovate and scale their ventures. Together, these supports create a robust foundation that nurtures startup potential and drives sustainable economic growth.

Remember: context is king.

Whilst the elements outlined above are essential for building a thriving entrepreneurial ecosystem, potentially the most crucial element of all has yet to be mentioned: context.

When setting out to create a thriving entrepreneurial ecosystem, it is important to understand the unique social, economic, and environmental context within which it will exist and operate. Each local or virtual community has its own needs, strengths and weaknesses. Depending on where and when you are operating, you will have differing levels of access to resources, talent, and market opportunities. This is why you can take lessons from other thriving entrepreneurial ecosystems, but you cannot expect to replicate the results. You will need to tailor your support systems, policies, and initiatives to fit your unique context to allow for success.

Lastly, all ecosystems are vulnerable to disruption, affecting overall stability and success. By prioritising development based on your strengths and actively working to manage your weaknesses, you can build a more resilient ecosystem. At the end of the day, a context-aware approach creates a more sustainable and impactful ecosystem that will resonate with and benefit the community it serves.

Continue Reading

Business

Why fintech is the catalyst for a new and bold generation of investors

Source: Finance Derivative

By Jeremy Baber, CEO of Lanistar

Investing has evolved since the days of safe blue-chip stocks and government bonds. There’s a new wave of bold investors who have been inspired by the accessibility and ease-of-use offered by fintech innovation. According to Charles Schwab UK’s Investment Forces report, this new generation of investors is taking a bolder approach. Dubbed ‘Gen T’, this generation is taking a pass on the slow game, and the influence of fintech has helped them gain the confidence to do so.

A new way to invest

Investing in stocks has been a route to growing cash for hundreds of years. Since the opening of the Amsterdam Stock Exchange in 1602, the fundamental principles of investment have essentially stayed the same. Investors balance risk and reward to maximise their return on investment. What has changed, particularly in the last decade, is that the ability to invest has become a much more democratised process, with many more people able to educate themselves on investment strategies and access a wide array of online investment platforms. Fintech has been a crucial component of this change.

What fintech offers consumers is an intuitive, tech-fuelled approach to finance with a focus on simplicity. At its core, fintech is consumer-centric, placing the user at the heart of all its products. It has also brought on a new wave of technological innovation to the financial world, producing the next generation of apps and platforms. Consumers today not only have access to a wide array of investment platforms that are simple and easy to use, but they also have greater access to financial education resources. A strong example of the broader range of investment options available today is micro-investing platforms, which allow their users to invest small sums into a diversified portfolio of assets that might include stocks, exchange-traded funds (ETFs), or even cryptocurrencies. This market continues to grow year on year, valued at $19 billion in 2023.

From the fintech wave has emerged a new way to invest. Investment platforms make use of the latest innovative technologies, like real-time data and analytics and automation, to deliver a hyper personalised customer experience that makes investing simpler and easier than ever before. In simple terms, these platforms are built using the fintech model.

Staying financially literate in a chaotic world

Whilst ‘Gen T’ are demonstrating behaviours closer to professional traders, according to Charles Schwarb UK’s report, they also harbour strong concerns over whether investment strategies will lead to heavy losses. Where 50% of boomers said they were unsure of how to adapt their investment strategies to avoid losses, 74% of millennials and 73% of Gen Z said the same. In this way, whilst investing has become easier and more accessible, younger and more inexperienced investors are feeling the heat of today’s turbulent financial markets.

Just as fintech helped to democratise access to investing, it also needs to ensure that all investors – from teenagers to old-age pensioners – are financially literate enough to know what they are investing in. The Organisation for Economic Co-Operation found that just 67% of UK adults were financially literate. This places the UK 15th out of 29 OECD countries for financial literacy. At a time where living costs are sky high and many people are struggling with their finances, it is crucial that financial services providers help to educate their customers and increase the UK’s financial literacy rates. In its customer-centric and highly personalised approach, fintech can lead the way with helping the UK to become more financially literate.

Some fintechs have already started to turn the wheel on financial literacy, providing educational resources within their apps and products. Data and analytics are also key to financial literacy, helping consumers to understand their specific spending habits and support them in making extra savings. When it comes to investing, there have been examples of apps that allow customers to set aside their savings to create portfolios, promoting a sustainable method of investing. Ultimately, where fintechs will deliver the most value to consumers is in providing a truly personalised and simple way to understand their finances.

Fintech’s enduring role

Times have changed, and with a new era of investing being ushered in by an array of new apps and products, the financial services industry must take steps to protect its customers. Whilst it’s a good thing that investing has become easier and more accessible, those who are signing away their savings must be protected. Regulation will play a key role, and the FCA has already enacted some encouraging work in its Consumer Duty regulation brought on in July 2023.

How we as an industry choose to enact this protection will be crucially important in the next decade. I am confident that just as it played a large role in democratizing investing, fintech will be a significant player in the continuing to shape the investing market in the future.

Continue Reading

Business

The Future of Financial Services: Personalised experiences powered by AI, secured by privacy

Source: Finance Derivative

By Erin Nicholson, Global Head of Data Protection and Privacy at Thoughtworks

Over half (51%) of European consumers want more personalised financial services, but a
significant minority (22%) are less comfortable sharing data for this purpose compared to last
year, according to a report by Twilio. This highlights the core tension in today’s financial
landscape: personalisation and privacy.

Consumers crave tailored financial advice and products. They want their banks and financial
advisors to understand their unique needs and goals. Yet, data privacy regulations like GDPR and CCPA make leveraging personal data for such purposes a challenge. These regulations restrict how financial institutions can collect, store, and use customer data.

As a data protection and privacy specialist, I am fascinated by bridging this gap. I question how we can achieve personalisation for clients while remaining compliant with these regulations?

The answer lies in a three-pronged approach utilising Artificial Intelligence (AI): leveraging both predictive AI and generative AI (GenAI) and also leveraging Privacy Enhancing Technologies. This approach empowers financial institutions to personalise the client experience while safeguarding sensitive data.

AI-driven lead generation with privacy at its core

Traditional prospecting methods often rely on incomplete data or outdated strategies. Sifting
through vast datasets to identify potential clients can be a time-consuming and inefficient
process. Here’s how AI can help:

Predictive AI can analyse anonymised or aggregated data sets to uncover patterns and trends. This data can be used to create a “probability-weighted list” of potential clients, highlighting those with a higher likelihood of being receptive to specific financial products or services. This approach provides valuable insights without requiring access to sensitive personal information.

Cross-selling reimagined: connecting the dots without data sharing

Cross-selling within a financial institution can be a powerful strategy to deepen client
relationships and drive revenue. However, identifying potential connections between existing
clients and those who might benefit from products offered by different divisions has always been a challenge due to data silos and privacy concerns.

Here’s where GenAI comes in.

GenAI, Federated Learning, and Homomorphic Encryption unlocks the power of graph-based
algorithms. These algorithms can analyse connections between data points without actually
sharing the underlying sensitive data itself. Imagine a system that can identify potential
cross-selling opportunities between different client segments, allowing banks to recommend
relevant products or services while maintaining strict data privacy boundaries.

The power of combining personalisation and privacy

This two-pronged AI approach offers significant benefits for financial institutions:
Increased efficiency: AI streamlines prospecting efforts, allowing institutions to focus
resources on qualified leads.
Enhanced customer experience: Personalised recommendations based on anonymised
data insights foster stronger client relationships.
Reduced regulatory risk: Minimising reliance on sensitive data minimises regulatory risks
associated with data privacy violations.

The broader potential of genAI

GenAI’s potential extends beyond initial client acquisition and cross-selling. Imagine, for example, using genAI to create educational content tailored to each client’s needs and financial literacy level. This empowers investors to make informed decisions based on clear and relevant information, ultimately strengthening the client-advisor relationship.

Responsible AI adoption: a critical priority

While genAI offers exciting possibilities, responsible adoption is crucial to ensure the protection of the public’s data. Here are some key considerations:
Focus on high-value use cases: Identify genAI applications that deliver significant value
while minimising complexity and cost.
Ensure data security: Implement robust security measures to safeguard sensitive
customer data from potential risks associated with genAI models.
Combat bias and factual errors: Be mindful of potential biases in training data and
incorporate human oversight to prevent biased or inaccurate outputs.
Leverage Privacy Enhancing Technologies: PETs such as Federated Learning and
Homomorphic Encryption will enhance the utility of your data without infringing on
privacy.

By embracing AI in a responsible manner, the financial services industry can achieve its
personalisation goals while ensuring customer data remains protected. This paves the way for a future where personalisation and privacy go hand-in-hand, fostering a more secure and
empowering financial landscape for all.

Continue Reading

Copyright © 2021 Futures Parity.