Cyberterrorism insurance

Hosted by SWIFT

June 30 2015


  • Michael Mainelli (Z/Yen & Long Finance)

  • Julian Enoizi (Pool Re)

  • Russell Kennedy (Brit Insurance)

  • Mike St. John Green (Information Security Forum)


Often, the work that the indefatigable Michael Mainelli is doing with his Long Finance initiative (designed to press the City to take a longer-term view of the finance business) leaves me cold. But sometimes I figure he has struck gold – identifying a major problem way ahead of the pack, and turning it into a business opportunity.

A splendid example of this is the research project Long Finance has been doing into the possibility of developing a cyber-terrorism reinsurance market to help mitigate the risk of large-scale (potentially state-sponsored) attacks. We at the CSFI are about to publish our fifth Insurance Banana Skins survey (supported by PwC), and it will come as no surprise that the fastest-rising risk facing the industry is the cyber threat.

What Michael and his chums have focused on is that “cyber” insurance is an ill-defined and therefore weak market where it is hard to get significant risks written – and almost impossible above £100 million (which is roughly where cyber-terrorism would likely impact). Long Finance’s proposal is government support along the lines of Pool Re, an industry led solution which was set up in 1993 in the wake of the IRA bombing campaign. The proposed new institution, Cyber Re, would be structured to act as a conduit, enabling the insurance market to cover the cyber risks facing the nation without exposing their balance sheets to the unknown. Equally, however, Pool Re’s own mandate could be extended.

It is a difficult issue – a potentially existential threat to many City firms, but a massive business opportunity for others. We are, therefore, delighted that Michael has agreed to take time off from his day job running Z/Yen to explain his ideas. We are equally delighted to have put together a panel that may (or may not) back up his ideas:

  • Julian Enoizi is CEO of Pool Re, an existing public/private partnership, which he joined from ProSight, a specialist underwriting Syndicate at Lloyd’s. Prior to that, he was President and CEO of Argo International, and before that of CNA Europe. He is a lawyer by background, having practiced in London, Milan and Brussels.
  • Russell Kennedy is a Divisional Director for Global Property, War, Terrorism and Political and Credit Risk at Brit Insurance. He has recently partnered with Coalfire to provide a comprehensive first-party cyber security insurance and risk mitigation product.
  • Mike St. John Green is an independent cyber security specialist and co-author of a recent book on Cyber Resilience. He works with the Information Security Forum, and is an honorary fellow at the University of Warwick. Prior to retiring in 2013, he spent 39 years in the UK Government, mostly at GCHQ and, more recently, at the Office of Cyber Security in the Cabinet Office.