AIG is, by most accounts, the world’s largest insurer. Peter Hancock, the CEO since September, came out to NYU Engineering Thursday morning and said that his company insures everything from cows in India to satellites in space.
He made his remarks during a talk about cybersecurity, titled “Cyber Insurance and Corporate Governance: Facing New Threats,” outlining AIG’s role in the cybersecurity business. Cybersecurity is an area in which NYU Engineering is seeking to establish itself as a thoughtleader.
Hancock became the company’s CEO in September. While not a computer programmer or cybersecurity expert, he had a lot to say about the nature of risk in a connected world. Some takeaways:
- AIG is a crowdsourcing machine. With 90 million customers worldwide, Hancock argued, “There’s a collective intelligence that comes from this community of clients we have.” In other words, with so much experience with so many adverse events, AIG knows how to advise clients to steer clear of danger. One interesting example he gave here: what he called “Cybershun.” It appears to be part of the company’s CyberEdge package, where certain clients get to share a database of bad IPs, updated in real time, based on information gathered across the company’s many clients (called “Proactive Shunning” on the web page).
- Regulators should require disclosure of cyber-insurance. “At this point cyber is not a mandatory item. Should it be? I’m not sure,” Hancock said. “But it is probably something people should be forced to disclose.” Investors might like to know if companies they want to buy in to are protected, and — for the broader investing community — the more companies that buy it, the less expensive it gets.
- Insurance rewards safer behavior. “Through the way we price insurance, we nudge people to alter the way they manage their risks,” Hancock said. “We reward mature infrastructure with lower rates.” Tighten up the loose screws on your IT, pay less money. It gives companies a more tangible reason to be more alert than hacker boogeymen.
- Technology improves that reward system. Hancock gave a shoutout to Progressive Insurance for its telematics program, which collects data about drivers and lowers rates for those who are safer behind the wheel. He said this isn’t just important because better drivers get priced more fairly, but “there’s evidence to show that bad drivers become better drivers, by virtue of that feedback loop,” Hancock said. He believes, with time, the insurance industry can create similar loops in cybersecurity markets.
- Big data. Hancock is of two minds about big data. He’s quick to tout his company’s cross-platform knowledge but he’s not so sure all information in one huge database is the best idea. “We insure millions of cows in India. We also insure satellites. I’m not really sure the cow data and the satellite data needs to be integrated.” An amusing way to put it, but he followed up with a real example that hit home much harder: The biggest data leak in recent memory, from Target stores, appears to have come through an HVAC vendor.
Hancock’s remarks were the sixth cybersecurity lecture in a series sponsored by the Alfred P. Sloan Foundation.