Cyber Insurance News & Information Podcast

Cyber Insurance News & Information
  • 5.0 (3)
  • News
  • Updated Semimonthly

The leading pure-play source for cybersecurity insurance news, insights and data, Cyber Insurance News (CIN) is produced by a team of award-winning journalists with decades of reporting experience, along with deep cyber and financial expertise and networks. Martin Hinton is your host and the Executive Editor of Cyber Insurance News. He is an award-winning journalist and storyteller with broad experience and a proven ability to distill complex ideas into compelling and impactful narratives across video, print, and digital media

  1. Jun 17

    Same Tricks, Bigger Targets: Nation-State Cyber Threats

    A medical device maker gets hit. Surgery schedules slip. The attacker was a nation-state, and they knew exactly what they were looking for. Michael Crean, Senior Vice President at SonicWall, joins Cyber Insurance News to explain why the threats targeting power grids and pipelines are the same ones that compromise small businesses every day. The difference is patience, not technique. We cover the March 2026 Stryker attack, attacker dwell time, the Colonial Pipeline failure, and why cyber insurers are moving from self-attested questionnaires to continuous audit. Plus the two unglamorous controls Crean says cut compromise risk by roughly 70 percent. A former US Army soldier turned cybersecurity leader, Crean also makes the case for why military veterans are a natural fit for the industry. Michael Crean SonicWall Stryker Colonial Pipeline CHAPTERS 00:00 Introduction and Background of Michael Crean 03:15 Military Influence on Leadership and Cybersecurity 08:07 Transitioning Veterans into Cybersecurity Careers 10:22 SonicWall's Evolution and Cybersecurity Landscape 12:19 Iran's Cyber Warfare Capabilities 16:07 Impact of Cyber Attacks on Critical Infrastructure 21:44 The Psychological Effects of Cyber Threats 27:50 The Need for Friction in Digital Security 30:48 Critical Infrastructure Vulnerabilities and Iran's Strategy 33:27 The Inconvenience of Digital Dependency 34:17 Legacy Technology and Cybersecurity Risks 34:57 Fundamentals of Cyber Hygiene 37:52 The Mundane Yet Crucial Practices 39:22 Personal Responsibility in Cybersecurity 40:59 The Economic Impact of Cybercrime 43:58 The Invisible Threat of Cyber Attacks 50:05 The Evolution of Cyber Insurance 54:04 The Importance of Cybersecurity Fundamentals 01:00:41 Empowering Personal Responsibility for Cybersecurity

    1h 4m

  2. Jun 10

    AI-Powered Cyber Attacks: Why Compliance Is Not Security | Mitchell Amador, Immunefi CEO

    Most corporate security leaders are doing compliance, not security. That is the blunt opening from Mitchell Amador, CEO of Immunefi, the leading crowdsourced security platform for blockchain, and the argument that drives this entire conversation. AI has ended the era of crime-scale cyber risk. The number of hacking groups capable of causing serious harm has jumped tenfold. Attack capability that once required a nation-state program now fits in a laptop. Most CISO budgets were built for a world that no longer exists. Amador explains what crypto security has already figured out and why the rest of the internet is about to be forced to catch up. We cover bug bounties, coopetition, smart contract insurance pricing, and the quantum encryption threat that simultaneously puts every bank, government, and blockchain at risk. Billy Mitchell North Korea and cyber warfare Chapters 00:00 Mitchell Amador's path to crypto security 02:13 What is Immunefi? 03:49 Web3 as a dark forest 06:48 Nation-state actors and North Korea 08:00 The response to constant threat 09:36 Why crypto security stakes are global 12:35 Move fast and break nothing 14:39 What is a bug bounty program? 16:31 Why crowdsourced security beats internal teams 21:32 The culture of coopetition 29:45 AI and the economics of attack 32:51 Force multiplication and AI offense 36:32 The human element in security 40:27 Where crypto fits in cyber insurance 47:18 Smart contract insurance and loss rates 49:14 Quantum computing and encryption risk 52:40 Y2K vs quantum, scale of the problem 52:55 What should CEOs and boards do now? 58:31 Five years from now — what seems obvious www.cyberinsurancenews.org

    1 hr

  3. Jun 1

    The Authorization Gap: Cyber Insurance in the Age of Agentic AIThe Authorization Gap: Cyber Insurance in the Age of Agentic AI

    Agentic AI can act on its own. So who controls what it does, and who pays when it goes wrong? Recorded live at the Scout InsurTech Conference in Columbus, Ohio, this episode brings together four experts to unpack the authorization gap in agentic AI cyber insurance. The conversation digs into blame, liability, responsibility, controls, and implementation. You'll hear how underwriters classify AI risk, why most cyber policies already cover AI breaches, where carriers split on affirmative coverage, and what businesses should do first. Guests Julia Garcia-Trombley, US & Canada, CertX Jeremy Epstein, CEO, Mayflower Specialty Rich Gatz, Head of Cyber Claims, Arch Insurance Tristan Morris, CEO, SplitSecure Chapters 00:00 Introduction to Cyber Insurance and AI 02:57 Understanding Agentic AI and Its Implications 06:04 The Classification Problem in AI Risk 08:51 The Role of Controls in Cyber Insurance 12:02 AI Risk vs Cyber Risk: A New Perspective 14:59 Certification and Governance of AI Controls 17:48 The Future of AI in Cyber Insurance 19:55 The Human Element in AI Risk Management 22:03 Understanding Acceptable Risk in AI 24:03 The Evolving Threat Landscape of AI 27:19 Cyber Insurance and AI: A Complex Relationship 30:24 Defining AI Risk and Insurance Coverage 33:15 The Importance of Risk Assessment in AI 36:44 Navigating Regulatory Frameworks for AI 39:05 Industry Consensus on AI Risk Management

    43 min

  4. May 25

    Cybersecurity Workforce Gap: Human Error, Ransomware & Shadow AI Risk

    Human error drives most cyber breaches. But the deeper problem is a workforce gap that leaves organizations exposed before the first attack arrives. Yaniv Kapluto, Chief Revenue Officer at nuKudo, joins Cyber Insurance News Executive Editor Martin Hinton to discuss the human realities behind every breach, the true cost of stolen data, and what AI and quantum computing mean for the future of data security. Kapluto breaks down nuKudo's rigorous talent pipeline, why shadow AI is an immediate threat most organizations have not mapped, and what underwriters should be asking before they quote a risk. This episode covers: Why people remain the most exploitable entry point in any organization.How cybercrime operates as a structured, funded business.The long-lasting value of stolen data and the ransomware cost curve.What good cybersecurity culture looks like from the inside.Shadow AI risk and the quantum computing threat to encryption.What underwriters should look for when assessing cyber preparedness. Yaniv Kapluto is CRO at nuKudo, a global cybersecurity workforce company placing trained security professionals across government and private sector clients. Chapters   00:00 Introduction to Cybersecurity and Human Error. 01:14 nuKudo's Mission and Origin Story. 04:35 Assessing Cybersecurity Needs and Roles. 09:38 The Human Element in Cyber Breaches. 13:36 Understanding the Scale of Cyber Threats. 18:09 The Asymmetry of Cybersecurity Resources. 20:32 The Value and Monetization of Stolen Data. 23:34 Cyber Insurance and the Cost of Breaches. 28:19 The Future of Data Security and Quantum Computing. 33:09 Cybersecurity in Healthcare Environments. 35:01 Understanding Hospital Cybersecurity Risks. 38:44 Bridging the Gap: IT and Cybersecurity. 43:55 Indicators of Cybersecurity Preparedness. 50:25 Addressing the Talent Crisis in Cybersecurity.55:49 The Future of Cybersecurity: EmbracingChange

    1h 4m

  5. May 14

    Minimum Viable Business Is The Real Cyber Insurance Question

    Every business leader assumes a cyberattack is coming. Far fewer have asked the question that actually matters: how fast can we get back to trading? Lee Nolan, General Manager UK and Ireland for Hitachi Vantara, joins Martin Hinton to introduce one of the most practical frameworks in cyber risk planning, the minimum viable business. It is not a technical concept. It is a board-level decision about which systems, processes, and data your organization cannot survive without. In this episode, Lee explains why recovery costs run 20 to 24 times the ransom demand, why the average organization takes 21 to 24 days to restore basic operations, and why full recovery takes around seven months. He walks through the castle and moat model for protecting critical data, explains immutable backups and clean rooms in plain English, and describes what a credible incident response plan actually looks like. He also makes the case that cyber insurance is most valuable as a partnership not a policy you read after the breach. One question closes the episode. When did you last ask your CISO how long recovery takes? Cyber Insurance News Podcast is published by cyberinsurancenews.org and covers the global cyber insurance market for underwriters, brokers, CFOs, and General Counsel. Chapters 00:00 Introduction to Cyber Insurance and Data Management 04:42 Understanding Cyber Risk and Recovery 09:43 The Role of Cyber Insurance in Business Continuity 14:27 Communication and Transparency in Cyber Incidents 19:38 The Impact of Supply Chain Vulnerabilities 24:49 Data Management and Recovery Challenges 31:31 The Importance of Preparation in Cybersecurity 36:39 C-Suite Conversations: Engaging with the CISO 41:06 Cybersecurity as a Health and Safety Standard 44:42 Incident Response Planning: The Basics 50:46 Understanding Immutable Backups and Clean Rooms 57:20 Hitachi Vantara: A Global Technology Leader 01:00:07 Paying It Forward: The Importance of Mentorship Lee Nolan Hitachi VantaraOfficial Website CyberResilience Act (UK) Commvault DataProtection Solutions

    1h 3m

  6. Apr 30

    Your Cyber Incident Response Plan Won't Save You - Practice Will

    99% of organizations have a cyber incident response plan. 73% admit it wouldn't hold up under real pressure. So what's the gap, and how do you close it? Martin Hinton speaks with Matt Mosley, Incident Response Manager at Sygnia, about what actually happens when ransomware hits on a Friday night, why legal delays cost companies millions, and why AI in incident response needs a human hand on the wheel. For cyber insurers and underwriters, this episode is essential. A weak cyber incident response plan is not just an operational problem; it is a claims problem. Backup gaps, undefined decision authority, and untested IR playbooks all drive longer recovery timelines and higher loss ratios. Mosley identifies exactly what underwriters should ask at renewal and which answers should raise flags. RESOURCES Sygnia Find Matt on LinkedIn Most CISOs Admit They Are Not Ready For The Next Big Cyberattack State CISOs Sound The Alarm: What The 2026 NASCIO-Deloitte Study Means For Government Cyber Risk Insurance Alibaba's AI Agent Mined Crypto Without Permission. Now What? (Forbes) There's a New Phishing Scam: Fake Invitations (New York Times) CHAPTERS 00:00 Understanding Incident Response Preparedness 02:53 The Role of Sygnia in Incident Response 04:13 The Dynamics of Incident Response 08:26 The Human Element in Incident Response 11:54 The Disconnect in Perceived Readiness 14:50 Practicing Incident Response Plans 16:58 Identifying Gaps in Incident Response 18:04 The Cost of Delayed Decision-Making 19:16 Dealing with Hubris in Leadership 21:24 The Complexity of Incident Response Plans 23:29 First Steps in Incident Response 25:24 Involving Key Stakeholders 28:00 Preparing for the Unimaginable 31:38 The Mainstreaming of Cybersecurity Awareness 34:46 The Evolving Landscape of Cyber Insurance 35:22 Visibility Gaps in Hybrid Environments 38:16 The Role of the CISO in Crisis Management 41:45 Communicating Cybersecurity Needs to the Board 45:28 The Impact of AI on Cybersecurity 52:34 Best Practices for Incident Response 56:38 Final Thoughts on Cybersecurity Preparedness ABOUT CYBER INSURANCE NEWS Cyber Insurance News and Information is the go-to source for underwriters, brokers, CISOs, and senior executives navigating the cyber insurance market. Published and hosted by Martin Hinton, a journalist with 30 years of experience covering just about everything. Website: https://cyberinsurancenews.org

    59 min

  7. Apr 23

    Cyber Insurance Blind Spots: Why 85% Of Attacks Never Go Public

    Most companies think they understand their cyber risk. They filled out the questionnaire. They renewed the policy. They checked the box. According to cyber insurance experts Ralph Pasquariello and Craig Sekowski of CYBERRISKIQ, that confidence is one of the most dangerous blind spots in corporate America today. In this episode of the Cyber Insurance News and Information Podcast, Ralph and Craig return as guests to discuss the cyber insurance gaps that leave organizations exposed precisely when they think they are protected. WHAT WE COVER: - Why less than 15% of successful cyber attacks ever become public and what that means for how companies assess their own risk. - The 200-day average dwell time attackers spend inside corporate networks before detection. - How AI is being used on both sides of the cyber fight and why your current policy may not cover an AI-enabled attack. - Why renewing your cyber insurance policy annually without review is leaving companies dangerously exposed. - Third party damages, class action exposure, and why sublimits matter more than most CFOs realize. - CYBERRISKIQ's induction into the Society of Risk Management Consultants and what it signals about cyber's growing role in enterprise risk management. - Why the current flat pricing market is an ideal window to add coverage layers without doubling premiums. ABOUT THE GUESTS: Ralph Pasquariello and Craig Sekowski are the founders of CYBERRISKIQ, a cyber insurance and cybersecurity advisory firm. They work with corporations, brokers, and risk managers to identify coverage gaps, assess cyber posture, and align insurance limits with real world exposure. They are members of the Society of Risk Management Consultants. ABOUT THE HOST: Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News. With over 30 years of journalism experience across six continents, he covers the cyber insurance market for underwriters, brokers, CISOs, and risk managers. READ THE FULL ARTICLE: cyberinsurancenews.org/cyber-insurance-blind-spots-cyber-risk-iq The Society of Risk Management Consultants (SRMC) CYBERRISKIQ Craig Sekowski Ralph Pasquariello, CLCS Chapters   00:00 Introduction to Cyber Insurance Awareness. 01:10 The Impact of AI on Cybersecurity. 02:44 The Growing Importance of Cyber Insurance. 06:13 Understanding the Hidden Cyber Threats. 07:56 The Role of Risk Management Consultants. 10:06 Bridging the Gap Between IT and Insurance. 11:58 The Importance of Reading Cyber Insurance Policies. 14:05 The Real Costs of Cyber Breaches. 18:12 The Long-Term Implications of Cyber Incidents. 20:49 Understanding Cyber Insurance and Its Importance. 21:55 The Value of Data in Cybersecurity. 23:24 Identifying Vulnerabilities in Data Management. 24:49 The Evolution of Data Breach Insurance. 27:38 The Reality of Cyber Attacks. 30:02 Raising Awareness in Cybersecurity. 31:55 Current Trends in Cyber Insurance Pricing. 35:06 Improving Insurability Through Cybersecurity Practices. 38:32 The Human Element in Cybersecurity Challenges SUBSCRIBE for weekly coverage of the cyber insurance market from the source professionals trust.

    41 min
  8. Cyber Insurance Policy: Why Proof Now Beats Questionnaires

    Apr 19

    Cyber Insurance Policy: Why Proof Now Beats Questionnaires

    Is your cyber insurance policy built on what your company says it does, or what it can prove? In this episode, I speak with Tristan Morris, CEO and co-founder of SplitSecure, and Dylan Hamilton, business development lead, about why the shift from static questionnaires to verifiable controls is reshaping cyber underwriting in 2025 and beyond. We cover credential theft, privileged access, vendor risk, and why 91% of cyber insurance payouts in 2025 were ransomware-related, even though ransomware represents less than 10% of claims by volume. If you are an underwriter, broker, CISO, CFO, or general counsel, this episode has direct implications for how you buy, write, and manage cyber risk. In this episode: Why questionnaires capture a snapshot, not the truth. How attackers exploit MFA exceptions. The three ways MFA gets bypassed in practice. What verifiable proof of credential discipline looks like. Why privileged access is the single biggest underwriting differentiator. The vendor access question every underwriter should be asking. Resources mentioned: SplitSecure Verizon Data Breach Report 2025 IBM Data Breach Report 2025 Delinea Cybersecurity Report 2025 Connect with the guests: Tristan Morris on LinkedIn Dylan Hamilton on LinkedIn Chapters 00:00 The Evolving Landscape of Cyber Insurance 09:22 Understanding the Role of MFA and PAM 14:59 The Financial Impact of Cyber Attacks 21:41 Navigating Credential Management Challenges 25:08 The Future of Cybersecurity Practices 35:29 The Evolution of Cyber Insurance Regulations 38:00 Challenges in Rewarding Best Practices 40:28 The Gray Area of Negligence in Cyber Insurance 44:53 Vendor Risks and Third-Party Access 50:34 The Human Element in Cybersecurity 54:31 Future Trends in Cyber Insurance 59:33 Final Thoughts and Quickfire Questions

    1h 13m
See All (44)

Trailers

Ratings & Reviews

5
out of 5
3 Ratings

About

The leading pure-play source for cybersecurity insurance news, insights and data, Cyber Insurance News (CIN) is produced by a team of award-winning journalists with decades of reporting experience, along with deep cyber and financial expertise and networks. Martin Hinton is your host and the Executive Editor of Cyber Insurance News. He is an award-winning journalist and storyteller with broad experience and a proven ability to distill complex ideas into compelling and impactful narratives across video, print, and digital media

Information

You Might Also Like