Exploring the complexities of cyber insurance with Harpreet Mann

Executive Summary: Delve into the intricacies of cyber insurance with expert Harpreet Mann, as she sheds light on the challenges of risk assessment and the necessity of aligning cybersecurity practices with insurance policies.​

This article:

  • Features insights from Harpreet Mann on the evolving landscape of cyber insurance.
  • ​Discusses challenges in risk assessment and policy coverage.​
  • Highlights the importance of aligning cybersecurity measures with insurance requirements.

Introduction

In the fourth episode of Resilience Rising, Sean Costigan, Managing Director of Resilience Strategy at Red Sift, delves into the intricacies of cyber insurance with Harpreet Mann, President of Amynta Trade Credit and Political Risk Solutions. Drawing on her extensive experience in insurance and risk management, Harpreet sheds light on the challenges and transformative potential of cyber insurance in today’s rapidly evolving threat landscape.

Navigating the challenges of cyber insurance

Cyber insurance has become a critical method for managing risk in this era of increasing cyberattacks. However, as Harpreet explains, the industry is grappling with a unique combination of high-frequency and high-severity events, including spectacular ransomware attacks, that challenge traditional insurance models. Unlike other insurance lines, which tend to balance low-frequency, high-severity risks or high-frequency, low-severity risks, cyber insurance struggles to maintain profitability under the strain of both. 

Additionally, Harpreet addresses the concept of “silent cyber”—policies that fail to explicitly include or exclude cyber risks. This ambiguity has pushed regulators and insurers alike to clarify coverage terms, a move championed by organizations like Lloyd’s of London. Clear policy language is critical for managing expectations and ensuring alignment between insurers and policyholders.

Incentivizing better cybersecurity practices

One of the transformative opportunities in cyber insurance lies in its ability to drive improved cybersecurity practices. Harpreet explains how insurers reward businesses with robust cybersecurity measures by offering more favorable premiums. This creates a symbiotic relationship where insurers incentivize stronger defenses, ultimately reducing risk exposure for all parties.

However, she notes the challenges faced by smaller and medium-sized enterprises (SMEs), which often struggle to meet the stringent requirements for cyber insurance. Harpreet underscores the potential role of public-private partnerships, including reinsurance backstops, to make cyber insurance more accessible while fostering a culture of shared responsibility. After all, just over a year ago the head of Zurich, Mario Greco, told the Financial Times that cyber was shaping up to be “uninsurable.”

Geopolitical risks and cybersecurity

Our conversation also explores the intersection of geopolitical instability and cybersecurity. Harpreet cites the NotPetya attack on Merck as a stark example of how state-sponsored cyber warfare can destabilize businesses and nations alike. The growing use of cyberattacks as geopolitical tools underscores the need for comprehensive risk management strategies that address both the private and public sectors.

“What’s interesting here is establishing. ‘Okay, what does war mean?’ and if war is between two states, can they draw the line that cyber attack was truly a war act by a state actor.”

Harpeet Mann

President of Amynta Trade Credit and Political Risk Solutions

A path forward for cyber insurance

Looking ahead, Harpreet emphasizes the importance of adaptability in the cyber insurance industry. She envisions a future where insurers, regulators, and businesses collaborate to create more sustainable and precise policies. By addressing challenges such as ransomware coverage and clarifying war exclusions in policies, the industry can better serve its clients while maintaining stability.

“I do think cyber will get there. The question for the industry is, is it a good practice to cover ransomware?”

Harpreet Mann

President of Amynta Trade Credit and Political Risk Solutions

Listen to the full episode

Gain deeper insights from Harpreet Mann on how cyber insurance can evolve to meet today’s challenges by listening to the full episode of Resilience Rising. The discussion offers valuable perspectives for cyber and insurance industry professionals, policymakers, and anyone interested in the future of cybersecurity and risk management.

For more updates and insights, follow:

Stay tuned for more episodes of Resilience Rising as we explore critical topics shaping the cybersecurity landscape.

PUBLISHED BY

Sean Costigan

14 Jan. 2025

SHARE ARTICLE:

Recent Posts

VIEW ALL
News

Microsoft announces new email requirements for bulk senders

Red Sift

Microsoft has officially announced new authentication requirements for bulk email senders, aligning with the policies rolled out in 2024 by Google and Yahoo. These changes aim to improve email security and deliverability for Outlook.com users, covering domains like outlook.com, hotmail.com, and live.com. The update marks a significant shift as Microsoft moves to require SPF,…

Read more
DMARC

From concept to market leader: Reflecting on the development of Red Sift…

Rahul Powar

Following Red Sift OnDMARC being featured in 18 reports in G2’s Spring 2025 Report, CEO Rahul Powar shares his thoughts on the innovation behind the product—and what’s driving its continued momentum in the fight against phishing and Business Email Compromise (BEC). When I founded Red Sift, my goal was to make proactive cybersecurity accessible…

Read more
DMARC

Keep your Microsoft Online Email Routing Address secure with Red Sift OnDMARC

Faisal Misle

Every Microsoft 365 tenant includes a default domain in the format tenantname.onmicrosoft.com. This is known as the Microsoft Online Email Routing Address (MOERA). What many don’t realize is that attackers have started using these domains to impersonate organizations in phishing attacks. If left unmonitored, MOERA domains can become a blind spot in your email…

Read more
News

Red Sift OnDMARC ranked #1 in EMEA and Europe for DMARC in…

Francesca Rünger-Field

G2’s Spring 2025 Report is here, and we’ve got some exciting news to share! Red Sift OnDMARC has been named the #1-rated DMARC solution in both EMEA and Europe, and that’s just the start. We also took the #1 spot in the Mid-Market Results Index and Mid-Market Usability Index, and were featured in 18…

Read more