For many senior executives today, the jargon of cybersecurity may feel like hieroglyphics, a mysterious language that requires translation. Additionally, there is a lack of consensus on how to categorize cyber within a risk taxonomy. The insurance sector often views cyber as a financial risk, specifically a subset of insurance risk due to underwriting of policies. Banks may view cyber as a type of operational risk, while other industries may see it altogether as a strategic or standalone risk.
This lack of a common vernacular creates a communication barrier between cybersecurity experts and the board. To bridge that gap, a new approach is required that makes it possible for stakeholders on both sides of the table to speak the same language. In this paper, Milliman’s Chris Harner and Chris Beck discuss the language of cyber and why it’s important to translate this complex, technical language into financial terms.