Get the Skills you need from Home with SANS Online Training - Special Offers Available Now


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Bridging the Insurance/InfoSec Gap: The SANS 2016 Cyber Insurance Survey

  • Tuesday, June 21, 2016 at 1:00 PM EDT (2016-06-21 17:00:00 UTC)
  • Barbara Filkins, Benjamin Wright, Dave Bradford, Julian Waits


  • PivotPoint Risk Analytics

You can now attend the webcast using your mobile device!



Information security specialists and insurance underwriters have been thrown together by corporate managers terrified by headlines about record numbers of data breaches and desperate to find financial protection should the worst happen to them. Insurers are flocking to the burgeoning market, but wondering how they can provide financial protection for customers in an environment in which they can't define how seriously they are at risk themselves.

Information security specialists see the basic protections underwriters require as prerequisites and wonder if the sophisticated, best-practices driven policies they enforce will become a reason to deny coverage later because they go beyond the limited requirements demanded by underwriters.

The gap is narrowing, but is still wide and dangerous, as you'd expect of any two groups charged with cooperating to defend an organization from attack without even being able to agree what they both mean by the word "risk."

By signing up for this webcast you become part of the discussion and of the survey that will provide many of the answers presented jointly by SANS Institute and insurance-industry counterpart Advisen, Ltd. And by sponsor PivotPoint Risk Analytics. Get highlights of the survey from our panel of experts, who will also talk about the development of cybersecurity standards, legislation, and acceptable levels of risk and how to create sustainable digital and financial protection in a cyber environment that gets more threatening every day.

View the associated whitepaper here.

In Conjunction With:

Data Breach Summit

Assessment, Compliance & Communication
August 18 | Chicago, IL
More Info:

Join us at the Data Breach Summit to learn even more on this topic. The summit brings together CISOs, risk managers, communication execs, insurers, attorneys, and security professionals to discuss the complexity of a data breach and how to prepare your organization for the inevitable.

Speaker Bios

Barbara Filkins

Barbara Filkins, SANS Analyst Program Research Director, holds several SANS certifications, including the GSEC, GCIH, GCPM, GLEG and GICSP, the CISSP, and an MS in information security management from the SANS Technology Institute. She has done extensive work in system procurement, vendor selection and vendor negotiations as a systems engineering and infrastructure design consultant. Barbara focuses on issues related to automation—privacy, identity theft and exposure to fraud, plus the legal aspects of enforcing information security in today’s mobile and cloud environments, particularly in the health and human services industry, with clients ranging from federal agencies to municipalities and commercial businesses.

Benjamin Wright

Benjamin Wright is a practicing attorney based in Dallas, Texas, focusing on technology law. He serves as a senior instructor at the SANS Institute, teaching its five-day course, LEG523 Law of Data Security and Investigations. By means of that course, Mr. Wright has taught thousands of students from throughout the world. He chairs the SANS Institute’s annual Data Breach Summit. Benjamin advises diverse clients, both in the United States and outside of it, on privacy, electronic commerce and data security law.

Dave Bradford

Dave Bradford is co-founder and chief strategy officer for insurance industry analytics provider Advisen, Ltd. Prior to co-founding Advisen in 2000, Dave spent 20 years in the reinsurance industry in underwriting, marketing and strategy-development roles. He was most recently a senior vice president with Swiss Re where he led the Global & National Division of Swiss Re America, a $500 million profit center. Prior to Swiss Re, Dave was a senior vice president at Reliance Reinsurance Corp where he founded and managed the Special Programs Department. Dave began his career as an actuarial analyst and treaty underwriter with Allstate's Assumed Reinsurance Division.

Julian Waits

Julian Waits is president and CEO for PivotPoint Risk Analytics, where he is leading the charge to establish a new category of solutions - cyber risk analytics- which quantify an organization's cyber value-at-risk in dollars and cents, allowing them to make better decisions regarding cyber security and cyber insurance investments. With more than 20 years in IT and security, Julian has served as the president and CEO of ThreatTrack Security, CEO of Brabeion Software Corporation and in senior leadership positions at Archer Technologies, e-Security and BNX Systems. Julian is an alumnus of both Loyola University of New Orleans and Xavier University of New Orleans.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.