February 6, 2025 • 30 mins
Learn more about navigating cyber threats and insurance with insights from Hunter Maskell, a Director with the CRC / INSUREtrust Cyber Practice Group and Professional Lines Broker Chris Zepeda. Ransomware attacks are making a sophisticated resurgence, matching the concerning levels of 2020 and 2021. Despite strides in incident response, the financial strain from business interruptions and legal battles lingers. While current market conditions may seem buyer-friendly, the looming specter of increasing claims warns of impending premium adjustments. Listen as we dissect the delicate balance between competitive pricing and sustainable risk management, ensuring you're prepared for the challenges ahead. The landscape of cyber insurance is ever-shifting, and understanding coverage nuances with the help of specialists is crucial. This episode is your guide to staying ahead in an era where cyber risks and solutions constantly evolve.
Visit REDYIndex.com for critical pricing analysis and a snapshot of the marketplace.
Do you want to take your career to the next level? Join #TeamCRC to get access to best-in-class tools, data, exclusive programs, and more! Send your resume to resumes@crcgroup.com today!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Amanda Knight (00:00):
Welcome back to the Placing you First podcast.
Today we're tackling theevolving ransomware threat and
the critical role that cyberinsurance plays.
We're joined by Hunter Maskell,a director with the CRC
InsureTrust Cyber Practice Group, as well as CRC Professional
Lines broker, chris Zepeda.
This is the Placing you Firstpodcast from CRC Group.
Scott Gordon (00:21):
This podcast features news and insights from
a vast knowledge base of over5,100 associates who write more
than $35 billion in premiumannually.
Amanda Knight (00:30):
Plus, we give you the latest information on
what's happening at CRC thisthis.
Hunter Maskill (00:35):
this is the Placing you First podcast, and
now the hosts of the podcastAmanda Knight and Scott Gordon.
Amanda Knight (00:42):
Thanks for joining us, guys, Thanks for
having us.
Scott Gordon (00:45):
Yeah well, let's get right to it, fellas.
Ransomware attacks areobviously increasingly
sophisticated we're hearing thisevery day With double and
triple extortion tacticsbecoming very commonplace.
So what trends are we seeing aswe head into 2025?
Now?
Hunter Maskill (01:03):
Yeah, thanks, scott.
I appreciate that.
You know we're hearing from avast majority of the carrier
partners we speak with is thatransomware continues to be up.
So if you go back a couple ofyears, into 2022, there was a
very significant drop off thatwas mostly attributed to the war
in Russia and Ukraine, and thenwe've kind of seen it tick back
up consistently over the lastcouple of years.
(01:26):
As we enter 25, I think that'scertainly on the forefront of
all of our carriers' minds andjust in the market in general is
that claims continue toincrease.
We're trending back very closeto the levels of 20 and 21,
where we saw those all-timehighs.
And it's not just theindividual attack, right, we're
concerned with any sort of likesystemic or industry impacting
(01:48):
attacks.
So we saw, you know, changehealthcare in the healthcare
industry and CDK, and both in2024, that were major systemic
events across a certain industryand we even saw the CrowdStrike
outage across all industriesfor anybody that used that
platform as a systemic event in2024.
(02:09):
That's the really keep you upat night.
Most carriers are financiallypositioned to be able to pay a
claim for any one customer.
What concerns them is ifthere's a single event that hits
75% of their book.
Chris Zepeda (02:23):
Chris, you got anything you want to add yeah,
no, I would say, like Huntermentioned, claims are on the
rise, but it's not like 20 and21, which was like the highest
the cyber market had ever seen.
Amanda Knight (02:36):
In regards to some widespread, like systematic
events, to the point where theaverage person saw the effects.
So, with that in mind, what canwe say about the real world
impacts that are hittingbusinesses?
Hunter Maskill (02:52):
Yeah, I think there's a couple of things that
we think about in the way thatbreaks down across our clients.
There are specific aspects of aclaim, whether that's breach
recovery, whether that's a classaction lawsuit that comes on
the back of it, whether that's abusiness interruption claim,
right, lost revenue that comesas a result of an outage.
(03:12):
You know we've gotten reallygood at the very first part of
that incident response rightthat how to hire a breach coach,
how to hire a forensic vendorthose costs continue to be
refined, managed, when managedproperly, can actually be, you
know, quite reasonable for thework that's being done.
I think the real world impactthat we're most concerned with
from a cost perspective is therising cost of what business
(03:37):
interruption claims are causingright.
So when clients are down or outor unable to conduct their
business operations because ofthe time that their networks are
offline, those are certainlyrising, those are certainly more
complex.
It's the most difficult portionof a claim to adjust.
And then, when we get intoclass actions, we're seeing a
significant rise in the amountof litigation or regulatory
(04:00):
investigations that happen onthe back end of a ransomware
attack, or even not a ransomwareattack in instances where it's
just data theft.
Quite often, if you have tonotice any reasonable size of
population that their data couldhave been compromised, you're
seeing a class action filedwithin a week or two weeks after
(04:22):
that and quite often several ofthose that are going to end up
being consolidated into a singlematter.
So we're seeing all of thosethings fit together for our
clients to say we're gettingbetter at the incident response,
but the longer the tailexposure that starts to exist,
which is business interruptionclaims and the actual litigation
(04:43):
that follows on the back end ofthis or the regulatory
investigation on the back end ofthis, those things are driving
costs up in the cost of a claimfor our clients and are really
becoming a little bit moretricky in terms of, okay, what's
the proper amount of limit tobuy?
How do we ensure that we areprotecting ourselves and not
leaving any risk uninsured?
(05:04):
I think the last thing to thinkabout is the okay, we talked
about that increase in the sizeof the claim.
What does that mean for me interms of real world impact on my
premium?
Despite all of that, the marketremains relatively soft, which
means it's a buyer's market.
There's favorable terms andconditions for our clients out
(05:24):
there to be had.
There's a lot of competitionfor our business.
So while we're having a rise inclaim and have continued over
the last couple of years to seethat we're not seeing a
corresponding change in pricingand a great restriction in
coverage but you don't have tobe a real market expert or real
(05:46):
market savant to see that thosetwo things can't continue in
perpetuity, forever, can't havea rise in claims and a decrease
in pricing forever.
So there will be an inflectionpoint and that will be a very
real world impact.
I think what we are all mostconcerned with is not going back
to the pricing experience of2020 and 2021, which was here's
(06:08):
your 50% increase and it doesn'tmatter what you're doing, or
here's your 100% increase and itdoesn't matter what you're
doing.
I think this time around we'vegotten a lot better at risk
analysis, risk selection as anindustry, which will allow us to
be a little bit more targeted.
We've already seen the firstcouple of those maybe an
insurance company stepping outand saying we need a little bit
(06:28):
of rate in this portion of ourbook, but the rest of it still
performing well and we're stillhealthy and we're still open for
competition there.
So there's just different waysthat this whenever the next
firming of the market cyclehappens.
Chris Zepeda (06:42):
There's a lot of reasons to think it won't look
like the last one For businesses, a way that a claim could
affect them beyond what they maythink that being obvious would
be.
I think forensic investigationscan be a bit more expensive,
especially for a slightly morecomplex insurer, than maybe they
realize, especially if theydon't have a tool like EDR share
(07:05):
.
Then maybe they realize,especially if they don't have a
tool like EDR, where they canpinpoint a lot more data of how
a bad actor accessed theirnetwork.
It may be a land fee to try tofind out if the bad actor is
still involved or not, and themore complex and the larger the
network, the more time and moneyit may take.
For a smaller business maybe itwould be any kind of business
(07:25):
interruption concern, especiallywhen margins are very thin.
Or is there a large onlinepresence where customers are
unable to use the services orbuy their inventory?
It can be quite sizable if theydon't have a fast-acting
solution either through acarrier or through a vendor.
(07:47):
It can add up pretty fast inways that they wouldn't have
imagined.
Scott Gordon (07:51):
Clearly, ransomware can deal a
devastating blow to any business, big or small, and I know that
we've touched on this a littlebit previously.
But what proactive steps canbusinesses take to strengthen
their defenses?
Hunter Maskill (08:04):
proactive steps can businesses take to
strengthen their defenses?
There's a ton of differentthings that exist in the
industry to help an insuredbecome a more valuable risk in
terms of insurance premiumscoming down, which is something
we're all very partial to, butalso just what makes them more
secure.
I think what we've gotten againbetter at in this cycle of the
market is saying not everythingapplies to every client.
(08:29):
So our clients that sit in thatSME segment of the portfolio
we're going to focus on reallythe core essentials.
Multi-factor authentication hasbecome kind of the seminal
one-stop.
If you're not going to haveanything else, let's start here.
But we also know that it's nota silver bullet and there's been
instances of people workingaround that.
(08:49):
But we want to see multi-factorauthentication.
We want to see it enabled forremote access to a network and
on an email platform.
We want to see backups that arestored offline or disconnected
from the network.
If you have that twocombinations of controls and you
sit in that, really that smallto medium business size, that's
(09:10):
kind of what the insuranceindustry is looking at as a
starting point.
Then from there, all the otherstuff that we do kind of ends up
on the sliding scale of are wegood, acceptable risk?
Are we better than the averagerisk?
Or do we sit in thisbest-in-class bucket at the very
top and get the absolute bestterms and conditions from a
carrier?
So there's that variation.
(09:31):
And then, as you go upstream interms of client size, you see
things like endpoint detectionand response technology, which
is called EDR, or sometimes MDRor XDR, which is really about if
something gets in and malwarestarts to run on a specific
computer device, it can stopthat malware, it can isolate it,
(09:53):
it can pull that machineoffline and contain it to where
it doesn't spread to the rest ofthe network.
So we have seen instances, andthe technology is so good, that
there are certain carriers outthere that look at specific EDR
providers and say, if you havethis platform deployed within
your network, we'll actuallygive you an extra 10, 15, 20%
(10:14):
credit because we believe in itso much.
So we've had clients of oursthat said, hey, look, we had
ransomware deployed on thisserver, this cluster of machines
, but we were running a specificEDR product.
That product contained itwithin these 10, these 20
machines.
So instead of having aransomware attack that takes
down the whole company, you havethis one little aspect of it.
(10:34):
That is really the affectedportion.
Obviously, in that world, likeChris was just saying, you don't
have the large businessinterruption outage.
As a company and talking aboutday-to-day implications you're
able to still function.
You're able to still conductbusiness, generate revenue,
which is all the things thatwe're certainly interested in.
And then the larger you go, ifyou get into large
(10:56):
enterprise-style clients, right,there are technologies that
they want to see.
They want to know that you have24 by 7 monitoring of your
network in the form of asecurity operations center.
They want to know that you are.
If something is going to happen,that you're going to catch it
in the fastest way, in thefastest time possible.
So we're going to happen thatyou're going to catch it in the
fastest way, the fastest timepossible.
So we're going to shrink thetime to response and that you've
(11:18):
tested an incident responseplan, just like we have fire
drills in schools.
You don't want the first timeyou're trying to figure out how
to get out of a building is whensomebody pulls the fire alarm.
Same thing with an IT issue, aransomware attack.
Don't be testing that the veryfirst time when you have a
ransomware attack.
So those things become moreimportant the larger you are as
(11:39):
a client or a customer.
But insurance companies, onceagain, have gotten really good
at discerning okay, this is thissize of risk, these are our
expectations and because they'vebeen so clear in their
messaging, we myself, chris whenwe come to a client, we can say
hey, your industry class yoursize in terms of revenues or
employee count.
We can intersect those twothings and say this is very
(12:03):
clearly what the insuranceindustry will expect of you and
we can create a better buyingexperience for our customers in
that way.
Chris Zepeda (12:09):
Yeah, to piggyback off of what Hunter said, an
incident response plan can besuch a great thing.
A lot of business owners orCTOs have said a day of a breach
has been one of the worstprofessional days of their
career.
So to have a little bit ofknowledge of what to do, who to
call, who to email when you havesuch a dramatic situation
(12:33):
unfolding is a great piece ofmind and preparation for a
business, no matter the size.
I'd also like to highlight, youknow, backups are great.
They really need to besegmented for them to work.
We've had clients where theyhad great up-to-date backups but
they were encrypted with therest of the data in a breach.
So unfortunately they did notreally help them in that
(12:55):
specific case.
And MFA being implemented fullyacross the entire network as
much as humanly possible.
There's also been situationswhere breaches have occurred on
the endpoints that didn't haveMFA.
It was 80%, 90% implemented andthe one that didn't have it.
That's how the bad actor got in.
So those are all ways to usetools properly to really secure
(13:19):
business.
Amanda Knight (13:20):
So you know, MFA, edr, having a good incident
response plan, I feel like thoseare, you know, very automated,
like sort of that steel wall ofdefense, right.
But then we also hear about therole that human error, you know
, that human element can play insomething like a ransomware
attack.
How do we guard against thepeople part?
(13:43):
How do we guard against thathuman error piece of this?
Hunter Maskill (13:46):
Yeah, you know, a long time ago, when we were,
you know, when ransomwareattacks were just becoming a
novelty, a concept.
You know, maybe almost a decadeago people were, you know, when
ransomware attacks were justbecoming a novelty, a concept.
You know, maybe almost a decadeago people were just kind of
starting to explore cyber andall the things that it can be.
You know, we were sitting on apanel one day and I heard an IT
security expert that I reallyrespect in the industry said
(14:07):
something that really stuck withme for a decade now.
He said right like, youremployees are your largest asset
as a company by far, but theyare also the most likely the
person that will make themistake that will lead to
whatever IT issue that you have,whether that's clicking on a
link or opening an attachmentthat they shouldn't or whatever
it may be.
So employee training isabsolutely critical.
(14:29):
It should be done, it should beone of those core controls.
We do it within CRC.
We have our consistentquarterly trainings and we would
encourage every single one ofour clients to have that sort of
consistent training thatthey're making sure that they're
doing.
However and this was the partthat I loved is you'll never
educate your way to zero.
You will never have ever haveso much training that somebody
(14:52):
won't click on that link, won'topen that email, won't do what
they're not supposed to do.
So on the back end, it iseducate, educate, educate and
then make sure that if they doclick that link, if they do open
that email, how do we make itnot matter that much?
Right, and so what happensgenerally is when you open that
email, click that link, enterthose credentials where you
(15:14):
shouldn't.
Right, the bad guy now hascontrol of you for, let's say,
my computer.
Right, they are nowhunter-masculine within the
environment.
But what does that mean?
Right, that means they can sendsome emails out.
That means that they can gointo some file shares, but that
doesn't mean that they have thekeys of the kingdom and can go
in and shut down the network.
So for them to execute a properransomware attack, they need to
(15:36):
do what we call escalateprivileges, which means go from
that end user that you phished,that you got their credentials
or that you got access to theirmachine and you got to get all
the way up to the keys of thekingdom, what we call a domain
administrator.
So how do they move from pointA to point B.
It depends a lot on the type ofthe entity, the infrastructure,
how many people have the keysof the kingdom.
(15:58):
There's a lot of differenttechnical factors that exist
there, but as many technicalfactors that exist, there are
technical controls that you canhave there.
You can have separation ofduties, you can have internal
MFA, so even those domainadministrators have to
multifactor if they're insidethe network, right, we always
think about external access.
(16:19):
There's MFA for internal, forthose privileged users.
There's implementing the EDRtechnology that we've talked
about, right, that can containthat there is monitoring on
those super sensitive assetsthat exist within an
organization.
So, you know, we move from theIT, which is kind of this human
training.
We got to talk about it, we gotto educate all the way through
(16:43):
the hey, if this all goes wrong,how do we make it not matter
that much?
Chris Zepeda (16:47):
And that's really focused on a lot of those
technical controls theseparation of duty, separation
of servers, and then theprotections built in around
there, phishing simulations canhelp employees, which will
probably be the way in, as youcan't, like Hunter said, you
can't make that 0%, but what doyou do when it does happen?
What controls do you have inplace when you do have an
(17:11):
employee error?
I think Hunter got that downpretty great for Amanda and
Scott.
Amanda Knight (17:16):
I know that we get fake phished all the time.
To try to train all of us, Iwant to report that I get a gold
star because I will report anemail to phishing all the time.
If I have any doubt I'm notclicking that.
Scott Gordon (17:29):
Yeah, an email to phishing all the time.
If I have any doubt I'm notclicking that.
Yeah, but even like, I considermyself pretty sophisticated
with that stuff.
Like amanda said, I'm sendingthem in all the time, but they
put one out one time that Iforget whether it was just like
absent-mindedness or force ofyou know, instinct or uh
whatever.
I hit it and they were like,uh-uh good thing, this wasn't
real scott.
And I was like, yeah good, yeah, good thing, because we all
(17:49):
have a lapse in judgmentsometimes.
Amanda Knight (17:51):
Yeah, I think it's when it hits you, when
you're super busy or distractedright and you don't really take
the time to look super carefully.
It can totally happen toanybody.
Scott Gordon (18:01):
I mean, and we've all worked for the place where
there's that one old guy whoalways forwards the email joke
or whatever.
But I'm not that guy and Istill got it.
So, on the flip side of things,how are insurers adjusting to
these threats and what shouldbusinesses look for in their
cyber policies?
Hunter Maskill (18:20):
Yeah, I mean I think you know we're in a soft
market cycle, as I said.
So right now we are it'sbuyer's friendly right, so we're
not seeing a lot of like newexclusions added to policies.
You know there's a couple ofsmall nuanced areas that we're
seeing, things like wrongfulcollection, which is nothing to
do with the data breach orransomware attack, collecting or
(18:43):
using data in violation of oneof these data privacy walls out
there.
And then there's a class actionlawsuit against the insured for
their data use practices or howthey're collecting data and it
could be as simple as just howyou're tracking cookies on your
website.
Those things are evolving at avery quick pace.
That's probably the most activearea that we see policy
language changing.
(19:04):
That's meaningful to ourinsured.
We're seeing a lot of carriersalso make changes around the war
exclusion and that's beingdriven by reinsurance markets
that are really moving towardslanguage that came out of London
a few years ago but in realitythat hasn't overly affected a
large swath of claims.
So right now the good news isit's still a good time to be a
(19:26):
buyer.
We're still making sure thatwe're looking for full limits.
There really shouldn't beanything sublimated on your
policy these days outside ofcrime, cybercrime being part of
a cyber policy.
Now we see that in terms ofwrongful transfers of money.
But other than that, theinsurance industry has responded
(19:47):
with very good, very broadpolicies that we've not seen.
But you're only going to getthat if you're buying a true
standalone policy from folkslike myself and Chris.
They're out there broking thisevery day.
If you're buying a bolt-on to aGL policy or you're relying on
the cyber within property formor something like that, you're
going to have a very differentclaim experience as opposed to
(20:08):
that standalone cyber market.
Chris Zepeda (20:10):
Yeah, and you know buyers should be careful on
business interruption.
Sometimes they are like it'sfull coverage but you look in
the details and it's sublimatedfor non-IT third-party BI or
something like that.
It'll have sublimits forcertain types of business
interruption is something to beaware of.
Amanda Knight (20:29):
I mean just listening to you all talk about,
you know the differencesbetween standalone policies and
add-ons, and you know you'reclearly just talking out of your
expertise and your knowledge,right, and it's just the
information just flows right onout.
So this is a complex topic andyou guys are so articulate about
it and you're wholesale brokers, right, obviously you're with
(20:52):
us.
So what difference does workingwith the right wholesaler
hopefully CRC make for agentsand insurers?
I mean, off the top of my head,I would say you know what
you're doing, you know whatyou're talking about, but is
there anything else you'd wantto highlight about the real
benefits of working with theright wholesaler?
Hunter Maskill (21:11):
Yeah, I think it's just how inherently unique
a cyber policy is.
Right, there's no ISO form.
There are hundreds of differentcarriers, hundreds of different
languages, different approaches.
There's nuances that if you'renot in this every day,
(21:41):
understanding the development ofboth walls that govern our
industry, as well as how thecyber policy is set up to
respond to those, then look hereI'll put this all together
under one form Conveniencefactor through the roof.
Obviously, for our retailpartners.
But are you truly getting thatbest-in-class experience?
And in a soft market cycleright now, where we are pushing
the boundaries and coveringthings that have been never
covered before, it's affordingour clients opportunities to
(22:04):
have claims covered that two,three years ago we wouldn't have
imagined being covered.
So you know there's, there'sthe ability to have that push
forward and I mentioned itbefore.
But I'm going to double downhere to say probably the single
most active area of coveragethat we are seeing changes in
and therefore importance tounderstand and know, is that non
(22:25):
breach or-attack violation of adata privacy law.
So what I'm doing with the dataI'm collecting for my customers
violates data privacy laws andI get sued.
And there's no data breach,there's no ransomware attack.
How does my insurance policyrespond.
A good chunk of the markets outthere are excluding that
outright, including some of theleading cyber markets are
(22:47):
excluding that outright,including some of the leading
cyber markets.
Then there's some people thatdo defense, some people that do
a sublimit, some people that tieit to how the individual client
writes their privacy policy.
Who knew about violationsinternally?
There's all these differentnuances to it, but with the
amount of class actions that areout there, it's super important
to understand that nuance.
And unless you're reading howthese laws are structured and
(23:08):
then how the policies arestructured to respond to those
laws, it's really reallydifficult to be in that.
So that's why we really diveinto the expertise level of what
we do, as opposed to looking atthis from a generalist state
and saying, look, I know thatthis particular carrier has
always done a really good job onmy GL, my property and I'm
going to give them a shot at thecyber.
Chris Zepeda (23:28):
And, on top of not having any kind of ISO forms,
different carriers use differentnames for the same coverage.
So you know, having thetraction and experience with the
carriers really helps beingable to compare the quality of
coverages and the type ofcoverages that one policy would
have from another and the typeof coverages that one policy
(23:48):
would have from another.
You know there's kind of nichecyber coverages that maybe are
not as common, depending on theexposure of a client, like is
there a bit of, you know,biometric exposure?
Do they do any pixel trackingright?
Like how important is thatwrongful collection of coverage
for this particular client?
So things like that areimportant that you need a
specialist to kind of helphighlight those exposures.
Scott Gordon (24:07):
Are there any other final thoughts you guys
want to add Anything on howbusinesses can stay ahead or any
other items?
Hunter Maskill (24:14):
For me, it's just a really exciting time to
be in this industry.
I joined the cyber world in2006.
So I'm coming up on 20 yearshere doing this, but it's just
never been this unique instanceof it, right?
But it's just never been thisunique instance of it, right,
like it feels like we got ourarms around everything that was
ransomware related, got a reallygood policy, really good
approach to responding to that,and now it's a lot of these
(24:35):
non-breach class action claims.
And then it's these okay, well,crime is fully in the cyber
world now, too.
What are we doing to make surethat our clients are covered for
large transfers of money orwrongful transfers of property
and not money?
Can that be covered?
(24:55):
So there's just all theseinteresting nuances of coverage
that have come up and developed.
And then we've obviously gotthe.
We haven't talked about it onthis one, this podcast as much,
but the overlay of AI and howthat's going to fit into
everything that's going on.
We haven't really seen any ofthe carriers step out and do
anything from a restrictivestandpoint.
We've seen a couple of carriersadd affirmative grants that
probably didn't really make muchof a difference in terms of
(25:16):
coverage, but it's nice to seehey, we're affirmatively
covering anything that wasAI-driven on the policy as well.
For me, the most importantthing that we do for our clients
is to sit down, look at a risk,make sure that the client
understands what we see theirexposures, as Chris and I see
thousands and thousands of thesea year Like.
Let us help you with that levelof experience, understand what
(25:40):
your risk is from the claimsthat we've seen from other
clients that look a lot like you, and then make sure that we're
crafting a policy to get thatrisk insured at the best
possible rate.
And all of those things arevery possible, very doable in
today's world, which just makesit an exciting time to be in
cyber.
Chris Zepeda (25:58):
It would be good to keep an eye on kind of like
the global level of ransomwareand the news that go on with
that.
You know, know, the kind ofunique thing with fiber is that
there's always new kind of uhthreats out there, new ways
actors to to cause issues forbusinesses or or litigation
issues as well, right, when newtopics come up.
Um, it'd be, you know, like thepixel pixel claims that weren't
(26:21):
even a thing a decade or twoago.
So it's a bit innovative forthe space.
You want to keep an eye on it.
Scott Gordon (26:29):
When we talk about market trends it's like what's
going on this year.
I'm like, well, in cyber it'smore like what's going on this
week, because it's soquick-moving and changing.
That's true.
But you guys are fantastic andI always learn a lot about this
stuff when we touch on thissubject because it's so fast
(26:49):
moving.
But we're done with the hardpart.
Now we're to the fun part, alittle segment that Amanda and I
like to call Rapid Fire, whereyou guys just answer off the top
of your head to a few questions.
So don't think about it toomuch, just go with what from the
hip.
Our first question.
Don't think about it too much,just go with what from the hip.
Our first question.
If you could have an unlimitedsupply of one thing, one thing
(27:11):
only, what would it be?
Hunter Maskill (27:14):
Pizza.
Well, I'll join him and I'd saygood red wine, and I think
those two things could gotogether.
There you go.
Scott Gordon (27:21):
Solid answers, all right.
So originally this was going tobe a holiday related issue.
Amanda Knight (27:26):
Yes.
Scott Gordon (27:27):
Episode, rather, and the holidays are upon us,
guys.
They're coming up.
In just 11 short months fromnow, the holidays will be upon
us.
So what's your favorite holidaythough Year round?
What is it that you lookforward to the most?
Hunter Maskill (27:41):
July 4th and it's not even close for me.
You're on the other side of 7-1, and that's the biggest reason
in insurance to celebrate.
Scott Gordon (27:48):
I like it Very topical Fair enough.
Chris Zepeda (27:50):
Maybe Thanksgiving for me, just because it's kind
of like the kickoff to the realwinter in the holiday season.
Thanksgiving to all.
Amanda Knight (27:59):
I mean, it's a holiday surrounded by food you
don't have to worry about, likebuying anybody presents.
Scott Gordon (28:04):
I get it, I agree to worry about, like buying
anybody presents.
I get it, I agree.
I like thanksgiving.
It's usually warm and fuzzy.
Uh.
So and our final question, onesubject you would like to learn
more about, not insurancerelated, though not insurance
related for me it's pilots andflying.
Hunter Maskill (28:19):
I think just the fact that those that size of
anything can fly is justmesmerizing to me.
Chris Zepeda (28:26):
Always has been sure yeah, marine biology for me
um just really like ocean,ocean life well, you're in the
perfect place for that.
Amanda Knight (28:35):
Yeah, that's true , florida right y'all have such
great answers.
Scott Gordon (28:38):
Mine would have been like I'd like to know more
about a beer or somethingridiculous, you know.
So those were good answers.
Amanda Knight (28:48):
What can we say?
We're surrounded by reallysmart people.
Scott Gordon (28:51):
I know they're so intelligent and they actually
bring so much to CRC and thepeople that work with us.
Amanda Knight (29:02):
Well, hunter and Chris, thank you so much for
joining us today.
This was a fun one.
If you're a listener, don'tforget to subscribe and share.
There is actually also awritten companion piece that you
can find that came out beforethis podcast episode.
It's on the CRC website atcrcgroupcom, under tools and
intel.
You can also reach out to yourCRC group broker for more
(29:24):
tailored advice and guidance.
Providing current insights intothe marketplace is just one
more way.
Crc Group broker for moretailored advice and guidance
Providing current insights intothe marketplace is just one more
way CRC Group is placing youfirst.
We'll see you next time.
Welcome back to the Placing you First podcast.
Today we're tackling theevolving ransomware threat and
the critical role that cyberinsurance plays.
We're joined by Hunter Maskell,a director with the CRC
InsureTrust Cyber Practice Group, as well as CRC Professional
Lines broker, chris Zepeda.
This is the Placing you Firstpodcast from CRC Group.
Scott Gordon (00:21):
This podcast features news and insights from
a vast knowledge base of over5,100 associates who write more
than $35 billion in premiumannually.
Amanda Knight (00:30):
Plus, we give you the latest information on
what's happening at CRC thisthis.
Hunter Maskill (00:35):
this is the Placing you First podcast, and
now the hosts of the podcastAmanda Knight and Scott Gordon.
Amanda Knight (00:42):
Thanks for joining us, guys, Thanks for
having us.
Scott Gordon (00:45):
Yeah well, let's get right to it, fellas.
Ransomware attacks areobviously increasingly
sophisticated we're hearing thisevery day With double and
triple extortion tacticsbecoming very commonplace.
So what trends are we seeing aswe head into 2025?
Now?
Hunter Maskill (01:03):
Yeah, thanks, scott.
I appreciate that.
You know we're hearing from avast majority of the carrier
partners we speak with is thatransomware continues to be up.
So if you go back a couple ofyears, into 2022, there was a
very significant drop off thatwas mostly attributed to the war
in Russia and Ukraine, and thenwe've kind of seen it tick back
up consistently over the lastcouple of years.
(01:26):
As we enter 25, I think that'scertainly on the forefront of
all of our carriers' minds andjust in the market in general is
that claims continue toincrease.
We're trending back very closeto the levels of 20 and 21,
where we saw those all-timehighs.
And it's not just theindividual attack, right, we're
concerned with any sort of likesystemic or industry impacting
(01:48):
attacks.
So we saw, you know, changehealthcare in the healthcare
industry and CDK, and both in2024, that were major systemic
events across a certain industryand we even saw the CrowdStrike
outage across all industriesfor anybody that used that
platform as a systemic event in2024.
(02:09):
That's the really keep you upat night.
Most carriers are financiallypositioned to be able to pay a
claim for any one customer.
What concerns them is ifthere's a single event that hits
75% of their book.
Chris Zepeda (02:23):
Chris, you got anything you want to add yeah,
no, I would say, like Huntermentioned, claims are on the
rise, but it's not like 20 and21, which was like the highest
the cyber market had ever seen.
Amanda Knight (02:36):
In regards to some widespread, like systematic
events, to the point where theaverage person saw the effects.
So, with that in mind, what canwe say about the real world
impacts that are hittingbusinesses?
Hunter Maskill (02:52):
Yeah, I think there's a couple of things that
we think about in the way thatbreaks down across our clients.
There are specific aspects of aclaim, whether that's breach
recovery, whether that's a classaction lawsuit that comes on
the back of it, whether that's abusiness interruption claim,
right, lost revenue that comesas a result of an outage.
(03:12):
You know we've gotten reallygood at the very first part of
that incident response rightthat how to hire a breach coach,
how to hire a forensic vendorthose costs continue to be
refined, managed, when managedproperly, can actually be, you
know, quite reasonable for thework that's being done.
I think the real world impactthat we're most concerned with
from a cost perspective is therising cost of what business
(03:37):
interruption claims are causingright.
So when clients are down or outor unable to conduct their
business operations because ofthe time that their networks are
offline, those are certainlyrising, those are certainly more
complex.
It's the most difficult portionof a claim to adjust.
And then, when we get intoclass actions, we're seeing a
significant rise in the amountof litigation or regulatory
(04:00):
investigations that happen onthe back end of a ransomware
attack, or even not a ransomwareattack in instances where it's
just data theft.
Quite often, if you have tonotice any reasonable size of
population that their data couldhave been compromised, you're
seeing a class action filedwithin a week or two weeks after
(04:22):
that and quite often several ofthose that are going to end up
being consolidated into a singlematter.
So we're seeing all of thosethings fit together for our
clients to say we're gettingbetter at the incident response,
but the longer the tailexposure that starts to exist,
which is business interruptionclaims and the actual litigation
(04:43):
that follows on the back end ofthis or the regulatory
investigation on the back end ofthis, those things are driving
costs up in the cost of a claimfor our clients and are really
becoming a little bit moretricky in terms of, okay, what's
the proper amount of limit tobuy?
How do we ensure that we areprotecting ourselves and not
leaving any risk uninsured?
(05:04):
I think the last thing to thinkabout is the okay, we talked
about that increase in the sizeof the claim.
What does that mean for me interms of real world impact on my
premium?
Despite all of that, the marketremains relatively soft, which
means it's a buyer's market.
There's favorable terms andconditions for our clients out
(05:24):
there to be had.
There's a lot of competitionfor our business.
So while we're having a rise inclaim and have continued over
the last couple of years to seethat we're not seeing a
corresponding change in pricingand a great restriction in
coverage but you don't have tobe a real market expert or real
(05:46):
market savant to see that thosetwo things can't continue in
perpetuity, forever, can't havea rise in claims and a decrease
in pricing forever.
So there will be an inflectionpoint and that will be a very
real world impact.
I think what we are all mostconcerned with is not going back
to the pricing experience of2020 and 2021, which was here's
(06:08):
your 50% increase and it doesn'tmatter what you're doing, or
here's your 100% increase and itdoesn't matter what you're
doing.
I think this time around we'vegotten a lot better at risk
analysis, risk selection as anindustry, which will allow us to
be a little bit more targeted.
We've already seen the firstcouple of those maybe an
insurance company stepping outand saying we need a little bit
(06:28):
of rate in this portion of ourbook, but the rest of it still
performing well and we're stillhealthy and we're still open for
competition there.
So there's just different waysthat this whenever the next
firming of the market cyclehappens.
Chris Zepeda (06:42):
There's a lot of reasons to think it won't look
like the last one For businesses, a way that a claim could
affect them beyond what they maythink that being obvious would
be.
I think forensic investigationscan be a bit more expensive,
especially for a slightly morecomplex insurer, than maybe they
realize, especially if theydon't have a tool like EDR share
(07:05):
.
Then maybe they realize,especially if they don't have a
tool like EDR, where they canpinpoint a lot more data of how
a bad actor accessed theirnetwork.
It may be a land fee to try tofind out if the bad actor is
still involved or not, and themore complex and the larger the
network, the more time and moneyit may take.
For a smaller business maybe itwould be any kind of business
(07:25):
interruption concern, especiallywhen margins are very thin.
Or is there a large onlinepresence where customers are
unable to use the services orbuy their inventory?
It can be quite sizable if theydon't have a fast-acting
solution either through acarrier or through a vendor.
(07:47):
It can add up pretty fast inways that they wouldn't have
imagined.
Scott Gordon (07:51):
Clearly, ransomware can deal a
devastating blow to any business, big or small, and I know that
we've touched on this a littlebit previously.
But what proactive steps canbusinesses take to strengthen
their defenses?
Hunter Maskill (08:04):
proactive steps can businesses take to
strengthen their defenses?
There's a ton of differentthings that exist in the
industry to help an insuredbecome a more valuable risk in
terms of insurance premiumscoming down, which is something
we're all very partial to, butalso just what makes them more
secure.
I think what we've gotten againbetter at in this cycle of the
market is saying not everythingapplies to every client.
(08:29):
So our clients that sit in thatSME segment of the portfolio
we're going to focus on reallythe core essentials.
Multi-factor authentication hasbecome kind of the seminal
one-stop.
If you're not going to haveanything else, let's start here.
But we also know that it's nota silver bullet and there's been
instances of people workingaround that.
(08:49):
But we want to see multi-factorauthentication.
We want to see it enabled forremote access to a network and
on an email platform.
We want to see backups that arestored offline or disconnected
from the network.
If you have that twocombinations of controls and you
sit in that, really that smallto medium business size, that's
(09:10):
kind of what the insuranceindustry is looking at as a
starting point.
Then from there, all the otherstuff that we do kind of ends up
on the sliding scale of are wegood, acceptable risk?
Are we better than the averagerisk?
Or do we sit in thisbest-in-class bucket at the very
top and get the absolute bestterms and conditions from a
carrier?
So there's that variation.
(09:31):
And then, as you go upstream interms of client size, you see
things like endpoint detectionand response technology, which
is called EDR, or sometimes MDRor XDR, which is really about if
something gets in and malwarestarts to run on a specific
computer device, it can stopthat malware, it can isolate it,
(09:53):
it can pull that machineoffline and contain it to where
it doesn't spread to the rest ofthe network.
So we have seen instances, andthe technology is so good, that
there are certain carriers outthere that look at specific EDR
providers and say, if you havethis platform deployed within
your network, we'll actuallygive you an extra 10, 15, 20%
(10:14):
credit because we believe in itso much.
So we've had clients of oursthat said, hey, look, we had
ransomware deployed on thisserver, this cluster of machines
, but we were running a specificEDR product.
That product contained itwithin these 10, these 20
machines.
So instead of having aransomware attack that takes
down the whole company, you havethis one little aspect of it.
(10:34):
That is really the affectedportion.
Obviously, in that world, likeChris was just saying, you don't
have the large businessinterruption outage.
As a company and talking aboutday-to-day implications you're
able to still function.
You're able to still conductbusiness, generate revenue,
which is all the things thatwe're certainly interested in.
And then the larger you go, ifyou get into large
(10:56):
enterprise-style clients, right,there are technologies that
they want to see.
They want to know that you have24 by 7 monitoring of your
network in the form of asecurity operations center.
They want to know that you are.
If something is going to happen,that you're going to catch it
in the fastest way, in thefastest time possible.
So we're going to happen thatyou're going to catch it in the
fastest way, the fastest timepossible.
So we're going to shrink thetime to response and that you've
(11:18):
tested an incident responseplan, just like we have fire
drills in schools.
You don't want the first timeyou're trying to figure out how
to get out of a building is whensomebody pulls the fire alarm.
Same thing with an IT issue, aransomware attack.
Don't be testing that the veryfirst time when you have a
ransomware attack.
So those things become moreimportant the larger you are as
(11:39):
a client or a customer.
But insurance companies, onceagain, have gotten really good
at discerning okay, this is thissize of risk, these are our
expectations and because they'vebeen so clear in their
messaging, we myself, chris whenwe come to a client, we can say
hey, your industry class yoursize in terms of revenues or
employee count.
We can intersect those twothings and say this is very
(12:03):
clearly what the insuranceindustry will expect of you and
we can create a better buyingexperience for our customers in
that way.
Chris Zepeda (12:09):
Yeah, to piggyback off of what Hunter said, an
incident response plan can besuch a great thing.
A lot of business owners orCTOs have said a day of a breach
has been one of the worstprofessional days of their
career.
So to have a little bit ofknowledge of what to do, who to
call, who to email when you havesuch a dramatic situation
(12:33):
unfolding is a great piece ofmind and preparation for a
business, no matter the size.
I'd also like to highlight, youknow, backups are great.
They really need to besegmented for them to work.
We've had clients where theyhad great up-to-date backups but
they were encrypted with therest of the data in a breach.
So unfortunately they did notreally help them in that
(12:55):
specific case.
And MFA being implemented fullyacross the entire network as
much as humanly possible.
There's also been situationswhere breaches have occurred on
the endpoints that didn't haveMFA.
It was 80%, 90% implemented andthe one that didn't have it.
That's how the bad actor got in.
So those are all ways to usetools properly to really secure
(13:19):
business.
Amanda Knight (13:20):
So you know, MFA, edr, having a good incident
response plan, I feel like thoseare, you know, very automated,
like sort of that steel wall ofdefense, right.
But then we also hear about therole that human error, you know
, that human element can play insomething like a ransomware
attack.
How do we guard against thepeople part?
(13:43):
How do we guard against thathuman error piece of this?
Hunter Maskill (13:46):
Yeah, you know, a long time ago, when we were,
you know, when ransomwareattacks were just becoming a
novelty, a concept.
You know, maybe almost a decadeago people were, you know, when
ransomware attacks were justbecoming a novelty, a concept.
You know, maybe almost a decadeago people were just kind of
starting to explore cyber andall the things that it can be.
You know, we were sitting on apanel one day and I heard an IT
security expert that I reallyrespect in the industry said
(14:07):
something that really stuck withme for a decade now.
He said right like, youremployees are your largest asset
as a company by far, but theyare also the most likely the
person that will make themistake that will lead to
whatever IT issue that you have,whether that's clicking on a
link or opening an attachmentthat they shouldn't or whatever
it may be.
So employee training isabsolutely critical.
(14:29):
It should be done, it should beone of those core controls.
We do it within CRC.
We have our consistentquarterly trainings and we would
encourage every single one ofour clients to have that sort of
consistent training thatthey're making sure that they're
doing.
However and this was the partthat I loved is you'll never
educate your way to zero.
You will never have ever haveso much training that somebody
(14:52):
won't click on that link, won'topen that email, won't do what
they're not supposed to do.
So on the back end, it iseducate, educate, educate and
then make sure that if they doclick that link, if they do open
that email, how do we make itnot matter that much?
Right, and so what happensgenerally is when you open that
email, click that link, enterthose credentials where you
(15:14):
shouldn't.
Right, the bad guy now hascontrol of you for, let's say,
my computer.
Right, they are nowhunter-masculine within the
environment.
But what does that mean?
Right, that means they can sendsome emails out.
That means that they can gointo some file shares, but that
doesn't mean that they have thekeys of the kingdom and can go
in and shut down the network.
So for them to execute a properransomware attack, they need to
(15:36):
do what we call escalateprivileges, which means go from
that end user that you phished,that you got their credentials
or that you got access to theirmachine and you got to get all
the way up to the keys of thekingdom, what we call a domain
administrator.
So how do they move from pointA to point B.
It depends a lot on the type ofthe entity, the infrastructure,
how many people have the keysof the kingdom.
(15:58):
There's a lot of differenttechnical factors that exist
there, but as many technicalfactors that exist, there are
technical controls that you canhave there.
You can have separation ofduties, you can have internal
MFA, so even those domainadministrators have to
multifactor if they're insidethe network, right, we always
think about external access.
(16:19):
There's MFA for internal, forthose privileged users.
There's implementing the EDRtechnology that we've talked
about, right, that can containthat there is monitoring on
those super sensitive assetsthat exist within an
organization.
So, you know, we move from theIT, which is kind of this human
training.
We got to talk about it, we gotto educate all the way through
(16:43):
the hey, if this all goes wrong,how do we make it not matter
that much?
Chris Zepeda (16:47):
And that's really focused on a lot of those
technical controls theseparation of duty, separation
of servers, and then theprotections built in around
there, phishing simulations canhelp employees, which will
probably be the way in, as youcan't, like Hunter said, you
can't make that 0%, but what doyou do when it does happen?
What controls do you have inplace when you do have an
(17:11):
employee error?
I think Hunter got that downpretty great for Amanda and
Scott.
Amanda Knight (17:16):
I know that we get fake phished all the time.
To try to train all of us, Iwant to report that I get a gold
star because I will report anemail to phishing all the time.
If I have any doubt I'm notclicking that.
Scott Gordon (17:29):
Yeah, an email to phishing all the time.
If I have any doubt I'm notclicking that.
Yeah, but even like, I considermyself pretty sophisticated
with that stuff.
Like amanda said, I'm sendingthem in all the time, but they
put one out one time that Iforget whether it was just like
absent-mindedness or force ofyou know, instinct or uh
whatever.
I hit it and they were like,uh-uh good thing, this wasn't
real scott.
And I was like, yeah good, yeah, good thing, because we all
(17:49):
have a lapse in judgmentsometimes.
Amanda Knight (17:51):
Yeah, I think it's when it hits you, when
you're super busy or distractedright and you don't really take
the time to look super carefully.
It can totally happen toanybody.
Scott Gordon (18:01):
I mean, and we've all worked for the place where
there's that one old guy whoalways forwards the email joke
or whatever.
But I'm not that guy and Istill got it.
So, on the flip side of things,how are insurers adjusting to
these threats and what shouldbusinesses look for in their
cyber policies?
Hunter Maskill (18:20):
Yeah, I mean I think you know we're in a soft
market cycle, as I said.
So right now we are it'sbuyer's friendly right, so we're
not seeing a lot of like newexclusions added to policies.
You know there's a couple ofsmall nuanced areas that we're
seeing, things like wrongfulcollection, which is nothing to
do with the data breach orransomware attack, collecting or
(18:43):
using data in violation of oneof these data privacy walls out
there.
And then there's a class actionlawsuit against the insured for
their data use practices or howthey're collecting data and it
could be as simple as just howyou're tracking cookies on your
website.
Those things are evolving at avery quick pace.
That's probably the most activearea that we see policy
language changing.
(19:04):
That's meaningful to ourinsured.
We're seeing a lot of carriersalso make changes around the war
exclusion and that's beingdriven by reinsurance markets
that are really moving towardslanguage that came out of London
a few years ago but in realitythat hasn't overly affected a
large swath of claims.
So right now the good news isit's still a good time to be a
(19:26):
buyer.
We're still making sure thatwe're looking for full limits.
There really shouldn't beanything sublimated on your
policy these days outside ofcrime, cybercrime being part of
a cyber policy.
Now we see that in terms ofwrongful transfers of money.
But other than that, theinsurance industry has responded
(19:47):
with very good, very broadpolicies that we've not seen.
But you're only going to getthat if you're buying a true
standalone policy from folkslike myself and Chris.
They're out there broking thisevery day.
If you're buying a bolt-on to aGL policy or you're relying on
the cyber within property formor something like that, you're
going to have a very differentclaim experience as opposed to
(20:08):
that standalone cyber market.
Chris Zepeda (20:10):
Yeah, and you know buyers should be careful on
business interruption.
Sometimes they are like it'sfull coverage but you look in
the details and it's sublimatedfor non-IT third-party BI or
something like that.
It'll have sublimits forcertain types of business
interruption is something to beaware of.
Amanda Knight (20:29):
I mean just listening to you all talk about,
you know the differencesbetween standalone policies and
add-ons, and you know you'reclearly just talking out of your
expertise and your knowledge,right, and it's just the
information just flows right onout.
So this is a complex topic andyou guys are so articulate about
it and you're wholesale brokers, right, obviously you're with
(20:52):
us.
So what difference does workingwith the right wholesaler
hopefully CRC make for agentsand insurers?
I mean, off the top of my head,I would say you know what
you're doing, you know whatyou're talking about, but is
there anything else you'd wantto highlight about the real
benefits of working with theright wholesaler?
Hunter Maskill (21:11):
Yeah, I think it's just how inherently unique
a cyber policy is.
Right, there's no ISO form.
There are hundreds of differentcarriers, hundreds of different
languages, different approaches.
There's nuances that if you'renot in this every day,
(21:41):
understanding the development ofboth walls that govern our
industry, as well as how thecyber policy is set up to
respond to those, then look hereI'll put this all together
under one form Conveniencefactor through the roof.
Obviously, for our retailpartners.
But are you truly getting thatbest-in-class experience?
And in a soft market cycleright now, where we are pushing
the boundaries and coveringthings that have been never
covered before, it's affordingour clients opportunities to
(22:04):
have claims covered that two,three years ago we wouldn't have
imagined being covered.
So you know there's, there'sthe ability to have that push
forward and I mentioned itbefore.
But I'm going to double downhere to say probably the single
most active area of coveragethat we are seeing changes in
and therefore importance tounderstand and know, is that non
(22:25):
breach or-attack violation of adata privacy law.
So what I'm doing with the dataI'm collecting for my customers
violates data privacy laws andI get sued.
And there's no data breach,there's no ransomware attack.
How does my insurance policyrespond.
A good chunk of the markets outthere are excluding that
outright, including some of theleading cyber markets are
(22:47):
excluding that outright,including some of the leading
cyber markets.
Then there's some people thatdo defense, some people that do
a sublimit, some people that tieit to how the individual client
writes their privacy policy.
Who knew about violationsinternally?
There's all these differentnuances to it, but with the
amount of class actions that areout there, it's super important
to understand that nuance.
And unless you're reading howthese laws are structured and
(23:08):
then how the policies arestructured to respond to those
laws, it's really reallydifficult to be in that.
So that's why we really diveinto the expertise level of what
we do, as opposed to looking atthis from a generalist state
and saying, look, I know thatthis particular carrier has
always done a really good job onmy GL, my property and I'm
going to give them a shot at thecyber.
Chris Zepeda (23:28):
And, on top of not having any kind of ISO forms,
different carriers use differentnames for the same coverage.
So you know, having thetraction and experience with the
carriers really helps beingable to compare the quality of
coverages and the type ofcoverages that one policy would
have from another and the typeof coverages that one policy
(23:48):
would have from another.
You know there's kind of nichecyber coverages that maybe are
not as common, depending on theexposure of a client, like is
there a bit of, you know,biometric exposure?
Do they do any pixel trackingright?
Like how important is thatwrongful collection of coverage
for this particular client?
So things like that areimportant that you need a
specialist to kind of helphighlight those exposures.
Scott Gordon (24:07):
Are there any other final thoughts you guys
want to add Anything on howbusinesses can stay ahead or any
other items?
Hunter Maskill (24:14):
For me, it's just a really exciting time to
be in this industry.
I joined the cyber world in2006.
So I'm coming up on 20 yearshere doing this, but it's just
never been this unique instanceof it, right?
But it's just never been thisunique instance of it, right,
like it feels like we got ourarms around everything that was
ransomware related, got a reallygood policy, really good
approach to responding to that,and now it's a lot of these
(24:35):
non-breach class action claims.
And then it's these okay, well,crime is fully in the cyber
world now, too.
What are we doing to make surethat our clients are covered for
large transfers of money orwrongful transfers of property
and not money?
Can that be covered?
(24:55):
So there's just all theseinteresting nuances of coverage
that have come up and developed.
And then we've obviously gotthe.
We haven't talked about it onthis one, this podcast as much,
but the overlay of AI and howthat's going to fit into
everything that's going on.
We haven't really seen any ofthe carriers step out and do
anything from a restrictivestandpoint.
We've seen a couple of carriersadd affirmative grants that
probably didn't really make muchof a difference in terms of
(25:16):
coverage, but it's nice to seehey, we're affirmatively
covering anything that wasAI-driven on the policy as well.
For me, the most importantthing that we do for our clients
is to sit down, look at a risk,make sure that the client
understands what we see theirexposures, as Chris and I see
thousands and thousands of thesea year Like.
Let us help you with that levelof experience, understand what
(25:40):
your risk is from the claimsthat we've seen from other
clients that look a lot like you, and then make sure that we're
crafting a policy to get thatrisk insured at the best
possible rate.
And all of those things arevery possible, very doable in
today's world, which just makesit an exciting time to be in
cyber.
Chris Zepeda (25:58):
It would be good to keep an eye on kind of like
the global level of ransomwareand the news that go on with
that.
You know, know, the kind ofunique thing with fiber is that
there's always new kind of uhthreats out there, new ways
actors to to cause issues forbusinesses or or litigation
issues as well, right, when newtopics come up.
Um, it'd be, you know, like thepixel pixel claims that weren't
(26:21):
even a thing a decade or twoago.
So it's a bit innovative forthe space.
You want to keep an eye on it.
Scott Gordon (26:29):
When we talk about market trends it's like what's
going on this year.
I'm like, well, in cyber it'smore like what's going on this
week, because it's soquick-moving and changing.
That's true.
But you guys are fantastic andI always learn a lot about this
stuff when we touch on thissubject because it's so fast
(26:49):
moving.
But we're done with the hardpart.
Now we're to the fun part, alittle segment that Amanda and I
like to call Rapid Fire, whereyou guys just answer off the top
of your head to a few questions.
So don't think about it toomuch, just go with what from the
hip.
Our first question.
Don't think about it too much,just go with what from the hip.
Our first question.
If you could have an unlimitedsupply of one thing, one thing
(27:11):
only, what would it be?
Hunter Maskill (27:14):
Pizza.
Well, I'll join him and I'd saygood red wine, and I think
those two things could gotogether.
There you go.
Scott Gordon (27:21):
Solid answers, all right.
So originally this was going tobe a holiday related issue.
Amanda Knight (27:26):
Yes.
Scott Gordon (27:27):
Episode, rather, and the holidays are upon us,
guys.
They're coming up.
In just 11 short months fromnow, the holidays will be upon
us.
So what's your favorite holidaythough Year round?
What is it that you lookforward to the most?
Hunter Maskill (27:41):
July 4th and it's not even close for me.
You're on the other side of 7-1, and that's the biggest reason
in insurance to celebrate.
Scott Gordon (27:48):
I like it Very topical Fair enough.
Chris Zepeda (27:50):
Maybe Thanksgiving for me, just because it's kind
of like the kickoff to the realwinter in the holiday season.
Thanksgiving to all.
Amanda Knight (27:59):
I mean, it's a holiday surrounded by food you
don't have to worry about, likebuying anybody presents.
Scott Gordon (28:04):
I get it, I agree to worry about, like buying
anybody presents.
I get it, I agree.
I like thanksgiving.
It's usually warm and fuzzy.
Uh.
So and our final question, onesubject you would like to learn
more about, not insurancerelated, though not insurance
related for me it's pilots andflying.
Hunter Maskill (28:19):
I think just the fact that those that size of
anything can fly is justmesmerizing to me.
Chris Zepeda (28:26):
Always has been sure yeah, marine biology for me
um just really like ocean,ocean life well, you're in the
perfect place for that.
Amanda Knight (28:35):
Yeah, that's true , florida right y'all have such
great answers.
Scott Gordon (28:38):
Mine would have been like I'd like to know more
about a beer or somethingridiculous, you know.
So those were good answers.
Amanda Knight (28:48):
What can we say?
We're surrounded by reallysmart people.
Scott Gordon (28:51):
I know they're so intelligent and they actually
bring so much to CRC and thepeople that work with us.
Amanda Knight (29:02):
Well, hunter and Chris, thank you so much for
joining us today.
This was a fun one.
If you're a listener, don'tforget to subscribe and share.
There is actually also awritten companion piece that you
can find that came out beforethis podcast episode.
It's on the CRC website atcrcgroupcom, under tools and
intel.
You can also reach out to yourCRC group broker for more
(29:24):
tailored advice and guidance.
Providing current insights intothe marketplace is just one
more way.
Crc Group broker for moretailored advice and guidance
Providing current insights intothe marketplace is just one more
way CRC Group is placing youfirst.
We'll see you next time.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.