1-888-643-2217 Email ABEX
Keeping you updated


Esports Accelerating into Mainstream Entertainment Market

Imagine a nascent but fast-growing global market generating revenues running to billions of dollars and annual audiences well into the hundreds of millions. Now stop imagining – what you’re thinking about is the world of esports.

Moving mainstream

Esports have been developing for some years now, and the growing numbers and sophistication of the market prove it is here for the long haul.

Most of us are familiar with online gaming. Esports takes things one step further. Instead of people playing video games on their own, esports has created an entire online and in-person spectator experience around these games.

Professional players compete alone or as part of teams, battling each other in tournaments or as part of a league. Audiences fill out arenas, watching players fight it out on massive screens, or supporters log in online and watch their favourites play remotely.

In 2017, esports generated almost $700m in revenues worldwide and a global audience of almost 400 million.

In 2021, despite the impact of COVID-19 on physical spectator events, the market is forecast to have revenues of almost $1.1bn and an audience of 475 million.

Market stakeholders

There are many different stakeholders in the world of esports. There are the publishers who make the games that people play. There are then the tournament organizers. In many cases, publishers run their own tournaments, but there are also lots of third parties organizing events.

Streaming platforms such as Twitch or YouTube Gaming allow players to record and broadcast themselves to online audiences, who can then engage with supporters as they play. These players are often part of professional teams.

There are then the fans, who watch online or attend live events. They spend significant sums on merchandise and can support players through donations and subscriptions.

On top of all this sit the sponsors who provide the lion’s share of the market’s revenue and in 2021 this segment will account for almost 60% of the money generated by esports.

Investment interest

Understandably, investors want to get involved in a market that is generating revenues that will exceed $1bn this year and where live stream viewer numbers are exploding.

The COVID-19 lockdown restrictions accelerated the growth in these numbers, which will continue to grow as more games are tailored for watching on mobile devices and the experience for remote users improves.

FaZe Clan has led the way in monetizing interest in gaming through an entertainment-first model which has garnered a global fanbase of 339 million combined across all social platforms.

Audiences of this scale offer significant opportunities and it is no surprise that most of the money generated in the esports market comes from outside of competitive play.

New concepts are being developed quickly and are proving hugely successful. For example, a Travis Scott concert was hosted and broadcast within the game Fortnite. Players could drop in and watch the concert as part of their playing experience. They could also buy digital merchandise as part of the show.

The concert attracted 27.7 million unique viewers across five showings within the game, demonstrating the potential of these innovative events to engage new and sizeable audiences.

Risk and reward  

In 2024, esports is on track to appear at the Paris Olympics as a side event. This sort of mainstream exposure will further accelerate its already stellar growth and make it even more attractive to big brands and sponsors.

In recent months, the restrictions on live events created by COVID-19 have seen many professional sports turn to esport alternatives to maintain audience engagement.

It is also the case that as a developing market, esports has not yet been standardized, increasing the number of opportunities to engage with the multiple structures surrounding the various players, teams, leagues and tournaments.

In the same way that professional football, or any other established global sport, relies on insurance, elite level esports has the same need for safeguards and protections, and demand is growing.

It is a market that is brimming with potential from media, entertainment and advertising to sponsorship, contingency and individual players.

Source: www.cfcunderwriting.com

Rebooting the Events Industry

COVID-19 dragged the events industry off a cliff, and the climb back to the top has still got a long way to go.

Governments across the globe have earmarked dates to do away with limits on social contact and it’s these dates the entire events sector is eagerly awaiting.

The pent-up demand to host and attend events is palpable and in recent weeks we have begun to see a noticeable uptick in the number of enquiries coming through to our contingency team.

This is especially the case for smaller events that do not require the same lead time or upfront investment as flagship gatherings such as Glastonbury or Coachella.

Supporting the transition back to full scale live events

The idea is to let several events go ahead in tightly controlled environments, so organizers and authorities can work out the best way to hold them safely in the future. Governments will be offering compensation should a pilot event be cancelled due to public health reasons.

Many people are clamouring for a comprehensive support package from the government in terms of providing backstop contingency cover for future events. In addition, any such cover would probably require event organizers to have their own insurance in place to respond in the first instance.

As brokers and their clients seek to arrange cover for their forthcoming events, they will have to bear in mind the significant impact COVID-19 has had on the contingency market.

Changing market dynamics

When the first lockdowns came into force in early 2020, scheduled events simply disappeared from the agenda. Enquiries for cover fell away to nothing and plans for live events were cancelled or shelved.

Some carriers took COVID-19 as their cue to leave the market, although there were also new entrants who saw it as an opportunity to capitalize on hardening rates.

At the moment, the small number of risks being placed in the market means it is difficult to tell just how much rates have hardened. But that will become more apparent in the coming months as volumes return to something more like normal.

Given the scale of recent losses and the historically soft nature of the pre-pandemic market, it is inevitable the price rises will be significant.

In addition, policyholders should expect exclusions for COVID-19 and communicable diseases to be standard. This cover will still be available if it is specifically required, although it will come at a cost and from a reduced number of carriers.

In truth, communicable disease exclusions were standard in the contingency market before the onset of COVID-19, although there will be more focus on them in its aftermath.

Where the difference between the pre and post pandemic market will be more pronounced is in the ability to find underwriters prepared to take on an entire risk. This issue will be more prevalent for larger events and brokers may find themselves having to engage with numerous markets to place the full cover required, when a single carrier might have offered it in the past.

Heightened awareness of risk

In a devastatingly short period of time, COVID-19 has shown the debilitating power of pandemics to bring live events, and economies more generally, to a halt.

Previous public health issues such as Middle East respiratory syndrome (MERS) and Severe acute respiratory syndrome (SARS) never delivered the widespread disruption they threatened. This cannot be said of COVID-19 and it has significantly heightened the awareness of the cancellation risk faced by the events sector.

This more practical understanding of cancellation risk should increase the penetration of contingency insurance and grow the overall size of the market in the coming months and years.

Even if event organizers decide not to buy cover, risk management considerations will be much higher up their agenda and they will be more open to discussions on the subject as they plan their event.

This extra interest should also act as a catalyst for brokers to strengthen existing client relationships and to develop new ones. It may also encourage clients to be more active in assessing and understanding the exact nature of the wordings and definitions in their policies. Such engagement would be positive for the market and minimize unexpected outcomes in the event of a loss.

In whatever way brokers and their clients interact with the contingency market going forward, they can rest assured it will be there to offer them the cover they need. Underwriters are just as desperate as they are to see live events back on the daily agenda.

Source: www.cfcunderwriting.com


What is the Internet of Things?

Dongles, Fitbits, Alexa, smart watches and more – we are all familiar with these handy pieces of tech. With ever-increasing functionality and user hype, the Internet of Things (IoT) is no doubt a growth market. But what defines IoT? How did we get here? What are the risks? And how much further can this tech go?

What is IoT?

It is estimated that there is a staggering 31 billion IoT devices online, but what exactly are they? The IoT refers to devices with embedded technologies that allow them to exchange data with other devices and systems over the Internet.  An example of this is a smart home equipped with various interconnected devices (e.g., smart lighting, smart thermostats etc.) that can be controlled from a single app or device. Being able to turn on the heating and launch your favourite playlist before you have even stepped foot in your home, all from your phone, is surely not a bad thing.

IoT devices are also being deployed increasingly for commercial application. A study in the US estimates that 35% of manufacturers utilize IoT sensors within their manufacturing processes. Sensors can track parts as they move through the assembly line, giving process engineers improved oversight compared to traditional methods. This increased transparency can drive down costs for manufacturers and improve their bottom line.

How did we get here?

Technology companies have been trying to connect devices to the Internet for well over 40 years, with one of the first examples being a vending machine in the 1980s. This allowed the vending machine to report on its inventory and whether or not drinks were cold. For many reasons early attempts to develop this technology were largely unsuccessful. This quickly changed with the advent of smaller, cheaper to produce chips that could efficiently connect devices to the Internet. By 1999, technology pioneer Kevin Ashton had coined the phrase “Internet of Things”.

What are the key exposures for IoT devices?

Cyber vulnerabilities: Given their size, it is often hard to integrate robust cyber defences into IoT devices to fend off hackers. Once a hacker gains access, they can infiltrate the network the smart device is connected to. In what sounds like a Hollywood blockbuster movie, hackers managed to gain access to a casino’s network via a smart thermometer located in the fish tank, walking away with 10 gigabytes of the casino’s data – not quite suitcases of cash but just as valuable!

Intellectual property exposure: IoT is a competitive market with many large companies fighting for market share, but with this comes the very real potential for IP litigation. In particular, the complex nature of IoT can mean that companies can unknowingly infringe patented inventions and risk IP infringement allegations from competitors.

Bodily injury and property damage: Given the fact that IoT involves physical devices, there is an inherent exposure to bodily injury/property damage when compared to a non-hardware-based technology. For instance, the FDA had to recall 500,000 pacemakers in 2017 after concerns around cyber vulnerabilities which could be exploited to drain the battery or alter the heartbeat. The recall did not involve replacement of the pacemakers. Instead, medical staff were able to patch the security holes. Nonetheless, this highlights our reliance on IoT for critical functions and the potential for catastrophic loss.

What does the future look like for this growth area?

It is safe to say that the number of IOT devices will only increase and their functionality will also become more sophisticated. For better or worse, IoT is here to stay. Here are a couple of ways IoT may change the world in the coming years:

The idea of a “smart home” is something we are familiar with, but the idea of a “smart city” is still being developed. IoT has the potential to change the way we interact with the cities we inhabit. Smart cities will use a host of IoT devices to collect data using sensors, which can then be analyzed to improve health services, transport infrastructure and other services.

Farming is one of the oldest industries in the world, and while it has grown leaps and bounds from the days of horse-drawn farming, IoT has the ability to further modernize the sector. For example, sensors can be used to monitor weather conditions, livestock, agricultural drones and assist with crop management. Smart farms can drive efficiencies and bring down costs, making farming more profitable and environmentally friendly.

Global research firm Gartner estimates that by 2025 there will be 75 billion IoT devices connected to the Internet. The rapid rise of the number of units in circulation and the ever-increasing functionality of IoT brings with it increased exposures and risks.

Companies developing, manufacturing, or selling these devices need a comprehensive insurance policy to cover their exposures. CFC has a dedicated technology policy and an inhouse team of claims experts to deal with any issues that may arise. For more information, please contact ABEX or CFC.

Source: www.cfcunderwriting.com

Recruitment Firm Falls for a Phishing Scam

Social engineering involves the use of deception to manipulate individuals into carrying out an act such as transferring money, handing over confidential information, or clicking on a malicious link, and it’s causing serious financial harm to organizations around the world.

Any organization that transfers funds electronically can be susceptible to social engineering attacks, which can result in the company mistakenly transferring funds to fraudulent third parties. However, it’s not always businesses themselves that are tricked into transferring funds, but their customers. In some cases, fraudsters will impersonate a business, intercept communications between the business and a customer, and fraudulently redirect funds that were due to be paid to the business for the goods or services it provided. This can potentially result not only in strained relations with customers but also, in many cases, with the business being left out of pocket for the money that was owed.

One of our policyholders affected by such a loss was a recruitment and staffing firm. The firm provides recruitment services across a range of industries, including banking, insurance, manufacturing, and technology, and the positions that the company helps to fill range from entry-level jobs to senior executive roles.

Credential phishing opens floodgates
The scam began when a member of the recruitment firm’s accounts department fell for a credential phishing email. Credential phishing emails are used by malicious actors to try and trick individuals into voluntarily handing over their login details, typically by directing them to a link that takes them through to a fake login page.

In this instance, the recruitment firm’s employee received an email purporting to be from a spam filtering service. The email explained that some of the employee’s outbound emails had been blocked by the spam filter, but it went on to explain that emails coming from the employee’s account could be unblocked if the employee clicked on a link and verified his email address by inputting his details.

Not wanting to have a situation where important invoices to external clients were blocked by this spam filtering service, the employee clicked on the link and entered his email login details to verify the account. Unfortunately for the recruitment firm’s employee, however, he had unwittingly handed his credentials to a fraudster.

To make matters worse, the recruitment firm did not have multi-factor authentication enabled for remote access to all company email accounts. This meant that the fraudster was able to gain access to the employee’s account remotely without having to go through a second verification procedure, such as inputting a verification code or number. This allowed the fraudster to peruse the employee’s email account, monitor communications to and from the account and gain valuable information about the nature of the policyholder’s business and the employee’s role within it.

What the fraudster found was that as part of his role within the recruitment firm’s accounts team, the employee was expected to send over invoices to client businesses following the successful placement of a candidate at the hiring company, with the recruitment firm charging a percentage of the newly employed candidate’s salary as commission.

Spotting an opportunity, fraudster pounces
The fraudster was clearly looking for a lucrative opening to appear, and as it happened, the employee was in correspondence with a client business operating in the technology sector, whom the recruitment firm had recently helped in the hiring of a Chief Operating Officer. Following the successful placement of the candidate for the role at this company, the recruitment firm’s employee in the accounts department had sent over an invoice for $77,000 to the technology company. Having spotted an opportunity, the fraudster chose this moment to strike.

The first step was to set up a forwarding rule in the employee’s email account. Forwarding rules are settings that can be applied to an email account which ensure that emails that fall within a certain criteria are automatically forwarded to a specific folder or to another email account. In this case, the fraudster set up a forwarding rule that meant that any emails that featured the technology company’s domain name were immediately marked as read and sent directly to the employee’s deleted items folder.

The next step was to send an email from the employee’s account to the technology company. In the email, the fraudster explained that the recruitment firm had recently changed banks and that the previous invoice had mistakenly included the details for the firm’s old account. The email went on to say that the new bank account details could be found on the new invoice attached and that the payment for the recent placement of the Chief Operating Officer should be sent to the new account instead.

In order to ensure that the request looked legitimate, the fraudster used exactly the same invoice template as before, including the same company address and logo, with the only difference being the addition of the new bank account details. The fraudster also ensured that the new email formed part of the original email chain, as well as adding some subtle touches, such as mimicking the employee’s writing style and including the employee’s email signature to sign off the email.

With the email forming part of the original email chain and coming from the recruitment firm’s employee’s genuine email address, along with the same invoice template as before, the individual responsible for processing the payment at the technology company never doubted the legitimacy of the request. Assuming that the new account details were valid, the client business paid the $77,000 owed and believed that the matter was now settled.

It was only several weeks later, when the recruitment firm’s employee noticed that the invoice remained unpaid and contacted the technology company via phone, that the scam was revealed. The technology company contacted its bank and tried to see if the transfer could be recalled, but unfortunately it was too late and the funds had already been removed from the fraudulent account.

With the funds deemed unrecoverable, this meant that the money owed to the recruitment firm remained unpaid. However, as it was the recruitment firm’s employee who had had his email account hacked, and as the request to change the bank account details had come from his genuine email account and appeared to be legitimate, the technology company did not accept responsibility for the lost funds and was not willing to pay the invoice a second time, leaving the recruitment firm out of pocket to the tune of $77,000.

Fortunately, however, the recruitment firm was able to recoup the lost funds under the cyber crime section of its cyber insurance policy with CFC, which provides cover for social engineering style losses such as this.

Click here to download the case study.

Source: www.cfcunderwriting.com

Should Ransomware Payments Be Illegal?

By Graeme Newman, Chief Innovation Officer at CFC Underwriting

Ciaran Martin, former head of the UK’s National Cyber Security Centre, is the latest security expert to champion the cause for making it illegal for cyber insurers to reimburse ransom payments. Quoted in a recent Guardian article, Martin claims that cyber insurers are “inadvertently funding cyber crime”. Like many similar articles quoting seasoned security professionals there is an underlying allegation that this move would not be supported by the insurance industry. That somehow it would fundamentally destroy the value proposition of the product and service we provide, and that we would rather that this crime continue to develop “because it’s good for business”.

I can’t claim to speak on behalf of the insurance industry, but having been involved in cyber insurance for almost 20 years now, I can say with some certainty that this is not how the industry thinks. In fact, I’d make a fairly large wager that most (if not all) of my peers would happily support a bill to make the reimbursement of ransoms illegal, if (and only if) that would actually solve the problem. Unfortunately, I don’t think it would.

Let’s leave aside for one minute the practicality of enacting – and enforcing – such a law, it feels that targeting insurers as the source of the problem is fundamentally mis-guided. Less than 15% of global businesses purchase this kind of insurance, so to suggest that eliminating part of it would fix what is now a global issue would be to ignore the other 85% of businesses who face the same problem without insurance.

There is no evidence to suggest that businesses who purchase cyber insurance are more inclined to pay a ransom demand than those without, in fact in my experience, it is quite the opposite. Armed with insurance a company can avail itself of the appropriate experts to guide them through the issue and support them through the recovery process, in the absence of this, most small businesses assume they have no other option but to pay.

Furthermore, to suggest that there are no laws in place already to prevent payments is fundamentally wrong. The US government has rightly reminded the industry of global sanctions laws, which make it illegal to facilitate payments to entities on the OFAC SDN list (and foreign equivalents). We are steadily seeing more entities related to cyber crime being added to these lists, and with insurers being regulated entities and most having US assets, this is already a powerful incentive to seek alternatives to paying ransoms.

There is no doubt that ransomware poses a serious threat to global business. Increasingly emboldened criminals are ditching their old tactics of ID theft and social engineering and moving to the increasingly lucrative business of extortion. Furthermore, the economic damage caused by ransomware is often many multiples of the billions the criminals are stealing, making this the worst form of financial crime. It is a problem that needs to be stopped.

But there are many reasons why this crime continues to develop:

  • Cryptocurrencies make it possible to launder billions of dollars with little fear of being caught. More must be done to clamp down on the exchanges that wittingly or unwittingly facilitate this crime.
  • The media continues to demonise businesses that fall victim to this crime, making them fear the accompanying negative publicity which in turn fuels the desire to pay rather than be “outed”. We must recognise that this is a crime and the only party that ought to be shamed is the perpetrator.
  • Recent tough privacy regulations should also be questioned. Their accompanying fines and potential route for statutory damages are making it even more lucrative for criminals to steal. Businesses now fear the financial consequences of the data being leaked, making this one of the most common tactics in the evolving crime of extortion. We must stop seeking to punish the victims and instead focus on preventing the crime.
  • Cyber insurance has a critical role to play in tackling ransomware. There are already close connections between the industry and global law enforcement, with threat intelligence being shared and data being gathered. By following carefully structured paths and involving the right professionals we can ensure that payments are only made when absolutely necessary and that law enforcement are kept informed so they can use the intelligence gathered to track and ultimately catch the perpetrators.

Our goal is to provide the support and resources necessary to help businesses recover as quickly as possible, and to ultimately help protect our clients from this increasingly serious source of crime. As an industry we are committed to doing all we can to ultimately eradicate this vile bi-product of the digital age. And with almost $1tr in policy limits exposed I don’t think there is any other part of the economy that has a stronger motivation to make it happen!

Click here to access the original article.



Receive notifications of new posts automatically.


Like us on Facebook

Connect with us on LinkedIn