4 minutes read

“There has been a “before” and “after” thanks to the CCIS” says CCIS Grad

Maria Demattei, an experienced Cyber Manager at Aon, Spain explains how her completion of the CCIS program helped her to navigate a ransomware attack on an important client. 

Demattei has more than 15 years of experience in the insurance and reinsurance market and recently graduated from the Cyber Insurance Specialist (CCIS) course. 

How did you get into the Cyber Insurance Industry?

I’ve been working within the financial lines industry for more than 15 years, and matters related to fraud have always captured my attention. I got interested in cyber risks after realizing how traditional computer crime sections under BBB and Crime products were insufficient to address all risks a business can face as the dependency on technology grows. After several years dedicated to traditional financial line products, I decided to further my horizon and fully dedicate my time to learning about Cyber Insurance, which I’ve been doing since 2020 in a constant learning process that keeps me passionate and interested in this amazingly specialized product.

How did taking the Certified Cyber Insurance Professional (CCIS) course benefit you in your professional career?

Definitely, there has been a “before” and “after” thanks to the CCIS. The applicability of each lesson in the course has been invaluable in the performance of my work as a broker, both for carrying out negotiations with the market and for having more technical conversations with clients. 

Can you give us an example of a complex cyber insurance case you’ve worked on and how your CCIS training helped you navigate it?

One of our biggest clients suffered a critical ransomware attack just a couple of months prior to the renewal of the cyber insurance program. I was able to push through the renewal, despite the difficulties of having an open claim with all the expectations of becoming a total loss. As the year went by, we had several follow-up calls with the client and the Insurer, and thanks to the CCIS, I was able to have a better understanding of the entire transformation process that the client was going through after having suffered the loss. I also had a better appreciation for the insurer’s key risk management concerns. In the end, the claim did indeed turn out to be a total loss, but at the renewal time, all the follow-up conversations and learnings during the Cyber ​​Insurance Academy helped me build appetite from new markets and also get some great terms for the client after hard negotiations with Insurers.

Can you explain the role of a cyber insurance specialist and how it differs from other insurance roles?

For a cyber insurance specialist, it is necessary to handle adequate technical language and have the ability to hold productive conversations with the main stakeholders: CISO, CIO, DPO, and now, with greater involvement, other C-Suite characters to the extent that cyber risks are now at the top of the board’s priorities. That way, the necessary tools are obtained to take negotiations with the insurance market to a high level and achieve the best benefit for clients. Unlike other lines of business, cyber insurance requires a high level of specialization and constant updating to be at the forefront of technological advances, changes in the regulatory environment, and new threats.

Which cyber trends and risks do you think cyber insurance professionals should be most aware of in 2023?

  1. As cybersecurity reaches the top of the agenda for most companies in the world, investment in this area will increase significantly. While we are likely to see leaps in innovation to address the ever-evolving cybersecurity landscape, the global cybersecurity skills shortage is projected to continue for years to come as cybercriminals employ new tools and techniques to circumvent even the most robust controls and security measures.
  2. Insurance will continue to play an important role in cyber risk management, and for those risks with a high level of maturity, especially those that suffered high increases in their policies in the last two years, the market has begun to become more flexible and offer better conditions than those of last year.
  3. Underwriting scrutiny remains high and proactive risk assessments will continue to be key to engaging constructively with insurers.
  4. The number of cyber claims is constantly increasing, and it is important that all players in the industry move more quickly to claim response and resolution models which reflect the level of complexity of losses. There should be more engagement in a claim advocacy process, and less direct involvement of outside lawyers representing insureds and insurers as litigation costs related to cyber claims continue to rise. Reducing reliance on lawyers in situations other than those where such skills are actually needed is useful and appropriate, and brings resilience and scalability to cyber claims handling.

How do you think the Spanish Cyber Insurance Market will develop over the next few years and why?

The capacity offered by traditional markets will return to significant levels of €15M – €20M in the coming years, but customers will also benefit from greater competition derived from the entry of new players, especially in the excess market. On the other hand, since Spain is a mature market, Insurers will be more prepared to offer innovative solutions and technological tools to clients that will help them manage risk and will result in a greater appetite on the part of the insurance market. Most of the markets are focused on growing in the middle segment, and this will generate a lot of competition and conditions for that market niche that was somewhat relegated during 2021 and 2022 due to not having the appropriate level of maturity.

Want to kick-start your career in cyber insurance? Read about our CCIS course here.

Reach Out to Us

Can’t find what you’re looking for? Leave your details and we’ll get back to you shortly