How is cyber security insurance managed in financial institutions; is it managed by ERM or CIO- cyber risk team?

Security & GRCApplications & Platforms
2.6k viewscircle icon4 Comments
Sort by:
Senior VP & CISOa year ago

All insurance managed by ERM but CISO team works with them on Cyber insurance 

Lightbulb on1
Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotech2 years ago

What do you mean by "managed!" The CFO in many small to mid size companies deal with the brokers to get the quotes and defend budget concerns. Legal reviews that contract terms. The CISO should be involved in the security and data architecture reviews and questions. I also give strong input to the amounts needed, additional riders e.g. AI, etc. In the end it's an Enterprise Risk Management evaluation case to evaluate what risks to self- insure, etc. Remember that contracts may require certain limits but always check to see if the next higher band is more cost effective. Cyber liability insurance also helps with reputation management, forensics, etc so many departments and leaders need to be part of the process.

Chief Information Security Officer in Healthcare and Biotech2 years ago

It depends on the organisation’s structure but for BFSI co-owned by CIO and CISO 

Director IT in Software2 years ago

Its Managed by ERM

Content you might like

We use Microsoft PowerBI extensively at the company. Over 15,000 reports.
For our "corporate" reports, like financials or HR, we centralize those requests and attend them with my team.
We currently "extract" information from multiple systems (ie. SAP, SuccessFactors, CRM, etc...) and put in into a SQL Analysis Services. For interpreting the data we have a Semantics model in PBI.
The problem I see is we can't scale enough to comply with the reporting demands as the semantic model is "unique" and we end up having only one or two developers that can work at a time. 
Anyone has an idea how to scale their PBI teams without having to redevelop the semantic model per report?

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Read More Comments

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

We are dealing with a specific issue in our VDI non-persistent environment, which operates using Omnissa Horizon (formerly VMware). We are employing a hybrid join for authentication that integrates ADFS and Entra ID.   Here are the details of our problem:   1. **Environment**: VDI non-persistent using Omnissa Horizon 2. **Authentication Method**: Hybrid join with ADFS and Entra ID 3. **Issue**: Users are experiencing difficulties authenticating to Microsoft 365 apps within the virtual machine. The authentication process gets stuck in a loop when attempting to access the smartcard. I would appreciate any insights or experiences from others who have encountered similar issues or have a similar environment working successfully.

What is your overall attitude towards Edge Computing?

I am a huge fan of this technology20%

I find this technology very useful, yet have some slight doubts64%

I have quite a few doubts about this technology12%

I am not a fan of this technology at all2%

View Results