74% of CISOs have no personal liability coverage. CYGNVS changes that.
When a cyber incident hits, the CISO is no longer just responsible for the cyber incident response — increasingly they are personally accountable for every disclosure decision, governance call and regulatory filing that follows. And not just the CISO, other technology executives like the Chief Information Officer, Chief Technology Officer (CTO) or Chief Digital Officer (CDO). The SEC is now suing CISOs and other technology executives in their individual capacity. Regulators are holding individuals accountable. Legal representation alone can run into the hundreds of thousands of dollars. CYGNVS is the first and only platform to include dedicated CISO liability insurance — underwritten by AIG — as a standard customer benefit.
“As the CISO role has evolved from tactical security technology to strategic corporate risk, the CISO's exposure and liability has increased significantly. As a CYGNVS customer, CISO liability insurance being a benefit of the platform is a prudent safeguard to ensure meaningful protection.”
Being a CISO has never
carried more personal exposure.
Cyber incidents are no longer purely technical events. They are corporate governance events — and regulators, shareholders and courts are increasingly holding individual security leaders accountable for what happens before, during, and after.
The SEC has brought charges against CISOs personally for their role in incident disclosures — not just the organizations they work for.
Regulators across jurisdictions globally are increasingly naming security leaders in individual capacities following major incidents and disclosure failures.
Traditional corporate insurance may fail to cover CISOs adequately — or the CISO might not be included in the coverage at exactly the moment when it is needed the most.
Just retaining personal counsel for the initial stages of legal and regulatory proceedings can cost hundreds of thousands of dollars — out of pocket.
AIG Insurance Policy. Not just a
warranty or a promise from a vendor.
AIG is one of the world’s largest global insurers and Marsh is the world’s most trusted risk advisor. The CISO Insurance Policy that comes with the CYGNVS subscription is structured by Marsh and underwritten by AIG. That’s independent validation from two of the most trusted names in insurance. The AIG underwritten policy means an independent, government-regulated financial institution with the assets to pay out is providing an independent insurance policy with the CYGNVS platform.
$100B+
AIG assets backing the policy
Up to $3M
dedicated Side A D&O coverage per subscriber
5 Executive Roles
covered: CISO, CIO, CDO, CTO, CPO
While the cybersecurity and regulatory landscapes continue to evolve, the need for dedicated insurance coverage for senior security and technology executives has never been more clear. We specifically designed the Side A D&O policy to help leaders navigate their evolving liabilities and we are pleased to partner with Marsh Risk and CYGNVS to make the coverage available to CYGNVS subscribers.Steve Kammann, Chief Underwriting Officer, North America Financial Lines, AIG
Why is CISO liability insurance
better than vendor warranty?
Cybersecurity warranties are everywhere. They sound reassuring. But a warranty from a vendor is only as good as that company’s balance sheet, which means nothing if the vendor is a startup. The question is how many customers have ever collected on a vendor warranty.
Warranties are also tied to using the product in certain ways, or the product not performing in stated – all of which are hard to prove after the fact.
An AIG-underwritten insurance policy is a regulated financial product backed by one of the world’s largest insurers. The difference is not subtle.
-
Backed by the vendor's balance sheet, which may be a startup with limited assets
-
Tied to technology failures, not the leadership decisions made during a crisis
-
No state regulatory oversight of payouts or claims
-
Is written to the organization - not to protect the CISO personally
-
Underwritten by AIG, one of the world’s largest insurers
-
Covers any and all decisions made during a cyber crisis, not just technology failures
-
Regulated financial product: claims are legally enforceable
-
Is written for the CISO, CIO, CDO, CTO, and CPO personally
Dedicated protection for the
individuals making the calls.
The AIG Insurance Policy that is included with CYGNVS subscriptions covers personal financial exposure for leading technology executives when corporate indemnification is unavailable or denied.
CISO
Chief Information Security Officer
CIO
Chief Information Officer
CDO
Chief Digital Officer
CTO
Chief Technology Officer
CPO
Chief Product Officer
Why the insurance
industry backs CYGNVS.
Insurance companies are in the business of pricing risk accurately. When AIG and Marsh Risk structured this program, they reviewed CYGNVS’s actuarial record — 50+ major incidents per week, across 3,000+ organizations — and concluded the platform reduces the cost and impact of cyber incidents. That conclusion is in the policy.
One of the world's largest insurers with $160 billion in assets. AIG underwrites the Side A D&O liability policy included with eligible CYGNVS subscriptions. Insurance backing is a strong validation of the CYGNVS platform.
One of the world's largest insurers with $160 billion in assets. AIG underwrites the Side A D&O liability policy included with eligible CYGNVS subscriptions. Insurance backing is a strong validation of the CYGNVS platform.
Focus on the incident response,
not your personal liability.
CYGNVS Premium and Elite subscribers receive AIG-underwritten CISO liability coverage at no additional cost. Response-ready in 7 days.