Skip to main content


Risk in Context Podcast: Debunking common cyber insurance myths

An expanded threat landscape and more sophisticated and persistent attackers are leading to an increase in the number and types of cyberattacks that can cripple a company.
Two smiling diverse businesspeople using a laptop together

An expanded threat landscape and more sophisticated and persistent attackers are leading to an increase in the number and types of cyberattacks that can cripple a company. Related claims have skyrocketed, leading to higher insurance rates and further underwriting scrutiny. But there is still a widespread misunderstanding of the value of cyber insurance.

In this episode of Risk in Context, Brian Warszona, Marsh’s UK Cyber Deputy Practice Leader, talks to Rachel Lavender, Marsh’s Southeast Zone Cyber Practice Leader, and Philippe Cotelle, who sits on the board of the Federation of European Risk Management Associations, about three common cyber insurance myths. This episode also features an interview with Jamil Farshchi, Chief Information Security Officer at Equifax.

Google Podcast Apple Podcast Spotify Podcast
Download transcript

Key takeaways

Even companies with good cyber hygiene benefit from cyber coverage

Cyber controls do not eliminate cyber risk. Today’s challenging threat landscape has made it more difficult for organizations to defend against cyberattackers. Cyber insurance provides an additional layer of protection.

Detailed underwriting process is critical to secure appropriate coverage

More than ever, underwriters are asking for detailed information about a company’s risks, making the process seem cumbersome. However, underwriting scrutiny should be seen as a pressure test of a company’s cyber hygiene controls and identify potential areas of improvement.

Insurance can help companies respond following a cyber incident

Some organizations, especially small- and medium-sized companies, may not have the structures and resources to respond to a cyber incident. When the worst happens, they can rely on their carrier to help them take the necessary action to minimize the impact of an event.

About our speakers

Brian Warszona

Brian Warszona

Global Cyber Digital Leader

Brian Warszona is the Deputy Practice Leader for Marsh’s FINPRO Cyber, Media & Technology Practice in the UK. He is responsible for connecting the cyber expertise within the UK and globally to the different businesses within Marsh and enhancing client engagement through supporting the UK Cyber Practice.

Placeholder Image

Rachel Lavender

US and Canada Cyber Brokerage Leader

Based in Washington, DC, Rachel Lavender leads the Southeast Zone for Marsh’s US and Canada Cyber Practice. She is responsible for executing the firm’s cyber strategy for her clients, supervising the team across the region, developing marketplace strategies, and crafting solutions to address cyber risks. This experience contributes to a broad view of the exposures and challenges organizations face and of the availability of coverages in today’s insurance marketplace.

Philippe Cotelle

Philippe Cotelle

Vice President, Federation of European Risk Management Associations

Philippe Cotelle is the vice president of the Federation of European Risk Management Associations and chairs its European Digital Committee. He is a board member of AMRAE and presides over its cyber commission. He is also the head of insurance risk management at Airbus Defense and Space and coordinates the cyber insurance program for Airbus Group.

Jamil Farshchi

Jamil Farshchi

Chief Information Security Officer, Equifax

Jamil Farshchi is executive vice president and Chief Information Security Officer of Equifax. He joined Equifax in the aftermath of one of the most consequential data breaches in history and led an unprecedented US$1.5 billion transformation. He has built what is regarded as one of the most advanced, effective, and transparent cybersecurity and privacy programs in business today.

Related insights