Getting to Know: Joe DePaul
Willis’ senior vice president of FINEX/cyber risks discusses his work as chair for CLM’s Cyber Liability Committee and previews its upcoming conference in October.
By Eric Gilkey
On fulfilling his committee’s goal of increasing awareness of cyber liability:
“Increasing awareness and educating the committee and CLM members and fellows is a priority for our group. We host a monthly call where we discuss topical and informative items surrounding cyber liability. For example, on our past call, we invited a guest speaker to discuss the UMPC Health Plan data breach case and Judge Wettick’s decision to dismiss it.”
On what to expect from the committee’s upcoming conference:
“We are hosting our second annual Cyber Summit on Oct. 21, 2015, in New York City. The conference is set up with a “cyber 2.0” approach, and will be targeted toward an intermediate and advanced attendee base. Sample session titles include, “The Retail Data Breach: Navigating the Murky Waters of the Payment Card Industry,” “The Interface of Underwriting, Claims, and Counsel to Create Sustainable Insurance Products for Cyber Risk,” and “Death by Twitter: Impact and Appropriate Governance of Social Media to Prevent Data Breach or Liability Claims Doomsday.”
On the rash of data breaches in both the private and public sector:
“What we are seeing is that no company is safe and that some of the most sophisticated companies in the world are as vulnerable as the smallest firms that have little-to-no information security controls in place. Every company needs to take these cyber threats seriously and determine which risks they can accept, avoid, mitigate, or insure against. But the first step is acknowledging that you are vulnerable and you will not prevent an event from occurring at some point in the near future.”
On predicting what his committee will be focusing on in five years:
“The cyber environment is so very challenging. Unfortunately, our technology, while assisting us all in our everyday lives, changes at an unprecedented speed. It does not take one year—let alone five or 10 years—to uncover what the next risks are. We are seeing new risks each and every day, but currently we’re looking at the ‘Internet of things,’ cyber risks related to utilities, and two more recent developments: drones and self-driving automobiles. What’s next? I simply don’t know. But we are gathering information, speaking with others, and trying to stay ahead of what the next risk or exposure may be.”
On his own smartphone privacy settings and social media participation:
“My firm requires certain security settings on our mobile devices as well as password protection and other state-of-the-art security measures. Social media, yes, to a point, but I do not have a Facebook account and have no intention of getting one. I have used Twitter very little.”
For more information about the 2015 Cyber Liability Summit or to register, click here.