Exploring Cyber Insurance Innovations: Addressing CISO Liability and Legal Defense By Jim Routh, Micheal W. Reese, Matthew Rosenquist and Pritha Aash

The discussion explores the potential impact of cybersecurity incidents, such as the SolarWinds case, on the insurance industry. There's speculation about whether insurers will adapt their offerings to accommodate the demand for specialized coverage, particularly for CISOs





Here is the verbatim discussion:

Spot on there absolutely spot on so that kind of brings us back you know when we talk about this dno and Eno and uh coverage do you think this may perhaps change the insurance industry do you think the insures are going to start offering something special something unique for cesos because of this demand because of this case uh and they see an opportunity to to expand their Market what are your guys' thoughts M Michael I'll start with you I think Jim will probably have to type his answer um I I think it's absolutely possible I mean look at what happened with cyber Insurance there was not a market all of a sudden there's a huge market for cyber Insurance um it's gonna be a tough one because we I don't think we have enough data to be able to Michael what would you say I I'm gonna say potentially also because it it depends I'm going to say and it's another way of saying potentially but I'm going to say if even half of what's in the SEC complaint is true I'm gonna say yes if it isn't true or forthright then I'm gonna say ah no you know uh absolutely thank you so much for this wonderful session uh thank you to all the speakers for you know this beautiful beauti session I know we're over time and we were all you know really involved in the session so thank you so much I'm so sorry Matthew we couldn't see you on the what happens with this case as we see more and more of them absolutely there'll be a market for it I mean anytime they can drum up a market they're going to uh I think Jim still typing here oh so he says the evolution of indemn indemnification coverage originates from Delaware law based on three levels but again from a business perspective I would say generally speaking if insurance agencies and Industry you know smell blood in the water and think that they makeing Pro they can make a profit I think they would probably explore that o opportunity to um increase their overall.




Potential Changes in Insurance Industry:

  • The participants speculate on the possibility of the insurance industry introducing specialized coverage for CISOs due to increasing demand and notable cybersecurity incidents like SolarWinds.
  • The analogy is drawn to the emergence of cyber insurance as a market in response to growing cyber threats.

Uncertainty and Need for Data:

  • While the potential for specialized coverage exists, there's a recognition that sufficient data on cybersecurity incidents and their financial impact is needed to inform insurance offerings effectively.
  • The participants acknowledge that the evolving nature of cybersecurity incidents and regulations may influence insurers' decisions.

Business Perspective:

  • The discussion also touches upon the business perspective, emphasizing that insurers may be motivated by the opportunity for profit and market expansion.


The session concludes with an acknowledgment of the evolving landscape of cybersecurity and insurance. While the potential for specialized coverage for CISOs exists, the actualization of such offerings may depend on factors like regulatory changes, market demand, and insurers' profitability considerations. Overall, the discussion highlights the importance of adapting insurance products to meet the evolving needs of organizations facing cybersecurity risks.



Jim Routh a board member, advisor and investor with specific expertise as a transformational security leader focused on applying risk management discipline to a converged security function for global enterprises to achieve enterprise resilience. Demonstrated track record of designing security control using innovation and data science to align senior executives to deliver world-class level security capabilities to drive positive business results in a digital world.



Micheal W. Reese Over 30 years’ experience in Information Technology serving in senior executive positions encompassing security, general operations management, project management, process change and development, business development as well as service and product management functions. A Cybersecurity Specialist, licensed as a Computer Forensics Investigator, Certified Information Systems Security Professional, Hacking Forensic Investigator and Fire and Explosion Investigator . Assisted both the DOJ and FBI on several matters, worked with High Tech Crime Units in Portland and Sacramento. Given expert witness testimony in hearings, depositions and at trial.




Matthew Rosenquist is a seasoned cybersecurity strategist and Chief Information Security Officer (CISO) with over three decades of experience. With a remarkable career at Intel Corporation spanning 24 years, he spearheaded key security initiatives, including establishing Intel's first Security Operations Center and leading cyber crisis response teams. As an influential figure in the industry, he currently serves as the CISO for Eclipz and advises numerous organizations worldwide on cybersecurity, emerging threats, privacy, and regulatory compliance. With a unique ability to bridge technical expertise with business acumen, Matthew is renowned for developing effective security strategies and enabling organizations to navigate complex cyber risks while optimizing security, privacy, and governance.




Pritha Aash managing parts of content strategy and marketing in a startup called FireCompass. The team has built things first time in the world and i'm overexcited to be part of it. I decided to share some of it and more. I'm an Information Technology Engineer. Prior to that I did my schooling from Sri Aurobindo, Loreto House, Loreto Convent Entally, Kolkata. I like to volunteer in interest groups, communities to help the world we live in be a better place. Currently volunteer at WWF, Khan Academy, SaveTrees.




E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)



CISO Breakfast at BlackHat Las Vegas 2024!

  • Description:

    We are thrilled to invite you to the CISO Breakfast at BlackHat 2024. 

    CISOPlatform is a community partner for the event which is co-hosted by Silicon Valley Bank, Stage One, First Rays Venture Partners, Latham & Watkins.


    Event Details: 

    • Date: Thursday, August 8th,…
  • Created by: pritha
  • Tags: blackhat usa, las vegas, ciso breakfast, usa