Research, ideas, and leadership for a more secure, peaceful world

Past Event
Seminar

AI Cyber Lunch: Josephine Wolff on "The History of Cyberinsurance & War Exclusions"

Harvard Faculty, Fellows, Staff, and Students

Join the Science, Technology, and Public Policy Program for an AI Cyber Lunch Seminar featuring Josephine Wolff, Associate Professor of Cybersecurity Policy at The Fletcher School at Tufts University. In a talk entitled, "The History of Cyberinsurance & War Exclusions: Who Pays for State-Sponsored Cyber Attacks?" Wolff will explore what constitutes cyberwar and when cyberinsurance carriers are obligated to pay for damages linked to state-sponsored attacks - an increasingly important issue in the context of the Russian invasion of Ukraine.

Q&A to follow. Buffet-style lunch will be served. 

Registration: In-person attendance is limited to current Harvard ID holders. No RSVP is required. Room capacity is limited and seating will be on a first come, first served basis.

Members of the public are welcome to attend virtually via Zoom. Virtual attendees should register using the button below; upon registering, attendees will receive a confirmation email with a Zoom link. 

Recording: Please be advised that this seminar will not be recorded.

Accessibility: Persons with disabilities who wish to request accommodations or who have questions about access, please contact Liz Hanlon (ehanlon@hks.harvard.edu) in advance of the session.

Date: Time: - Location: Room 434 A-B
Courtesy of Josephine Wolff

Summary

NotPetya was described by the White House as "the most destructive and costly cyber-attack in history" and five years later, many of the companies hit by the Russian cyber attack are still sorting out who will pay for the damages and, in particular, what portion their insurance will cover. Several insurers have denied NotPetya-related claims on the grounds that the cyber attack was a "warlike action" because it was perpetrated by the Russian government and therefore excluded from most standard insurance policies. This has led to a series of legal disputes about what constitutes cyberwar and when cyberinsurance carriers are obligated to pay for damages linked to state-sponsored attacks. This talk will examine these disputes through the lens of the history of cyberinsurance, tracing the emergence and continuing growth of the cyberinsurance industry and describing how it has evolved in the first twenty years of its existence, where it is headed, why online threats have been particularly challenging for many insurers to model, and what role policy-makers can and should play in helping the market stabilize and grow. It will also consider how carriers and policyholders are responding to the disputes over NotPetya in light of the current war between Russia and Ukraine and the uncertainty around whether insurance coverage would apply to state-sponsored cyber attacks that occurred in the context of a war involving the use of physical force.

Speaker

Speaker

Josephine Wolff is an associate professor of cybersecurity policy at The Fletcher School at Tufts University. Her research interests include liability for cybersecurity incidents, international Internet governance, cyber-insurance, cybersecurity workforce development, and the economics of information security. Her first book, You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches, was published by MIT Press in 2018 and her second book, Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks, came out from MIT Press in 2022. Her writing on cybersecurity has also appeared in Slate, the New York Times, the Wall Street Journal, the Financial Times, The Washington Post, The Atlantic, and Wired.

Up Next