July 18, 2017 – The hunt for seasoned cybersecurity talent has seen a dramatic increase in the last several years, according to executive recruiters who hunt for talent in the space. Today, the need for such leaders reaches across virtually all industries. Areas like financial services, defense and high technology have long focused on cybersecurity.
But with cyber attacks continuing to make headlines, businesses in far flung sectors like retail, healthcare, entertainment, utilities and a host of others are beginning to take action to protect themselves.
To that end, business is brisk for headhunters. The Lapham Group just placed cyber industry veteran Bill Stewart as division president of Chubb’s global cyber risk practice. Craig Lapham, managing partner and CEO of the search firm, led the assignment.
Mr. Stewart will lead the development and implementation of Chubb’s strategy to deliver the next generation full suite of property and casualty cyber insurance offerings, worldwide. This global focus on cyber security will deliver Chubb’s risk transfer, loss mitigation and incident response services for the rapidly evolving threats faced by businesses of all sizes and individuals. In addition, Mr. Stewart will collaborate with David Cowart, Chubb’s chief information security officer, and the company’s enterprise risk management team in developing cyber security best practices for its business.
“Our client was seeking a recognized cyber risk expert and accomplished executive able to provide strategic perspective and thought leadership to the global insurer’s cyber risk offerings, as well as to emerging trends in cyber risk,” said Mr. Lapham. “While insurance industry experience was not required, the successful candidate needed to have had exposure to cyber insurance products as well as pure technical depth and industry-leading expertise in cyber risk and emerging trends in cyber threats.” In sum, he added, the client desired a cyber-risk technical expert who also possessed the relevant skills and commercial experience to lead a P&L and build a global business.
“Bill was uniquely qualified in that he is very deep in cyber security as it relates to technology and trends, but also has proven success moving that technical expertise into the commercial space,” Mr. Lapham said. “He understood how you look at security architecture from a risk management standpoint in the commercial sector.”
Mr. Stewart created, for example, the strategy for his previous firm’s commercial cyber business. That included the development of a comprehensive offering framework to provide advisory, design, integration and operational services and developed relationships with leading CISOs and CSOs in key sectors, including financial services, energy, manufacturing and retail.
“This was combined with his prior military background and government experience leading the NSA client account for his firm for several years,” said Mr. Lapham. “The result is a highly technical cyber security expert who is also a strategic business builder.”
Mr. Lapham came to this search with a keen perspective on cyber / IT risk and security, having worked with other large global insurance clients on building their cyber risk functions. One was Prudential, which was seeking to upgrade the sophistication of its IT risk management function post SIFI (systemically important financial institution) designation.
Recruiter Rankings: Cyber 20
These 20 cybersecurity recruiting specialists are well-positioned to identify your next best-in-class leaders in IT risk management, network security, intelligence and privacy.
Mr. Stewart has close to 30 years experience. Most recently, he served as executive vice president at Booz Allen Hamilton, where he was responsible for the firm’s commercial cyber business. He joined the company in 1989 as an information assurance business leader. From 2013 to 2015, Mr. Stewart led the firm’s commercial financial services business. He previously worked for RCA, where he developed communications security and key management devices. He also served in various capacities in the Army, including signal officer, battalion commander and company commander.
“The number and complexity of cyber exposures have grown exponentially over the last few years,” said John Lupica, vice chairman, Chubb Group, president, North America major accounts and specialty insurance. “The decision to make our cyber-risk practice a standalone business under a forward-thinking leader like Bill adds another level of depth and thought leadership to Chubb’s offerings in this segment. His extensive knowledge of global cyber risks, coupled with his background and experience in providing cyber counsel to organizations across different industries, will complement the underwriting, servicing, claims handling capabilities and enterprise risk management that distinguish Chubb in the market.”
Cyber risk management, already a multi-billion dollar global industry, is expected to see great expansion in the years ahead. “Cyber exposures are growing exponentially across all industry sectors with corresponding exponential growth in the cyber insurance sector offering products and services to mitigate these risks,” said Mr. Lapham.
Security Threats Create Talent Challenges, Opportunities
Cybersecurity might well be the greatest challenge facing corporate America today. The threat to reputation, private information and dollars — both from immediate theft and the cost of repairing the damage of a cyber-attack — can be staggering.
Chubb was a pioneer in the cyber insurance marketplace when it began to offer its first cyber risk product in 1998. Today, Chubb’s global cyber risk practice brings together the global expertise, underwriting capabilities and claims and loss control services from the insurer’s cyber risk related business units around the world.
Recruiting Cyber Talent
Finding good cybersecurity talent can be the ultimate talent challenge for recruiters. “The most sophisticated talent can be found within the major industries that are facing significant loss from cyber related incidents to include financial services, in particular retail banking; energy; healthcare; and retail,” said Mr. Lapham. “The ideal executive should have prior government background combined with experience working within complex global corporations on broad gauged cyber risk initiatives. That would include assessment of cyber security risk management practices, asset and data security, vulnerability management, secure system development, network security, identity and access management, security testing, incident management and business continuity/ disaster recovery.”
So, what traits and characteristics make up ideal security professionals executives? Beyond the above mentioned core technical skills, outstanding communication skills, ability to partner and collaborate closely with internal and external constituents, a keen strategic vision to identify not just current but future issues and threats, said Mr. Lapham. “The most sophisticated cyber executives change the security paradigm by helping organizations use intelligence, be more proactive and implement strategy into network security,” he said.
The Lapham Group is a boutique search firm with more than 20 years recruiting for the global insurance and diversified financial services sector. Its searches include board of director, president/CEO/general management and multifunctional engagements conducted across North America, South America, Europe, Asia and the Far East.
Contributed by Scott A. Scanlon, Editor-in-Chief; Dale M. Zupsansky, Managing Editor; Stephen Sawicki, Managing Editor; and Will Schatz, Managing Editor – Hunt Scanlon Media