John Lupica, Chubb

John Lupica

A Recognized
Market Leader in
the Cyber Space

Editors’ Note

Prior to ACE’s acquisition of Chubb in January 2016, John Lupica was Vice Chairman of ACE Limited and ACE Group and Chairman of Insurance – North America. He was appointed Vice Chairman of ACE Limited in November 2013 and Vice Chairman, ACE Group, in March 2014. Lupica joined ACE in 2000 as Executive Vice President of the U.S. Professional Risk business and advanced to Division President of the unit. He also served as Division President of U.S. Regional Operations before being named President of ACE USA in 2005. He was appointed to the additional role of Chief Operating Officer, Insurance – North America, in 2010. Prior to ACE, Lupica served as Senior Vice President for Munich-American Risk Partners, Inc., and held various management positions at American International Group. He received a Bachelor of Arts degree from Hobart and William Smith Colleges and holds the Chartered Property Casualty Underwriter designation.

Company Brief

Chubb (chubb.com) is the world’s largest publicly traded property and casualty insurance company. With operations in 54 countries, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance, and life insurance to a diverse group of clients. The company is distinguished by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength, underwriting excellence, superior claims handling expertise, and local operations globally. Chubb maintains executive offices in Zurich, New York, London, and other locations, and employs approximately 31,000 people worldwide.

Would you highlight Chubb’s focus on cyber?

We engage regularly with our clients and distribution partners to gain a better understanding of their unique needs and challenges, and then develop solutions as appropriate to help them address those concerns. For cyber in particular, we listened as both shared their concerns about the lack of capacity in the market and the need for additional services to help them improve their security posture and respond to incidents post-loss. We introduced comprehensive loss mitigation and loss control services and developed Chubb’s Global $100M Cyber Facility, which combines both capacity and pre- and post-loss services within a single policy purchase to help large customers secure the coverage they need.

Would you provide an overview of Chubb’s cyber products and services and how Chubb differentiates itself?

We pride ourselves on being a recognized market leader in the cyber space. We offer a multitude of cyber products and services that vary depending on the client’s size, industry, complexity of risk, and buying needs. The common thread within all of our cyber offerings is our exceptional underwriting, pre- and post-loss servicing, and claims handling – the core of our business.

This approach starts with pre-incident services, including the loss mitigation and loss control services that can help our clients strengthen and improve their security posture and help prevent cyber incidents from taking place. Next, our incident response team comprises our post-incident services. This team of specialists – ranging from law firms and forensics to call centers and public relations – engage directly with clients and respond quickly and effectively in the event of an incident. Lastly, is risk transfer, which is our balance sheet – our promise to our customers to pay claims. We were the first to introduce this approach to the market, and we constantly refine it. For example, we are expanding our pre-incident services to provide online awareness training and password defense services to all cyber policyholders. Why? Because an analysis of our loss data showed that the addition of these services could help to better protect our policyholders. Chubb differentiates itself within the cyber industry by refusing to accept the status quo.

How is Chubb able to customize its offerings based on client needs?

At Chubb, we serve clients of all shapes and sizes, and we recognize that one size does not fit all. We apply the highest degree of skill and professionalism in all that we do, and that we carefully and thoughtfully tailor our solutions to address our clients’ unique needs – it’s what we call craftsmanship.

How broad is the target market for Chubb with its cyber offerings and do these offerings apply to companies of all sizes?

We view our cyber risk practice as a leading specialty product for Chubb within all market segments: from large corporate accounts to middle market companies to small businesses. We have challenged our leaders to be the best-in-class in each. Our target market and appetite span the entire spectrum of the marketplace. If we can achieve success within each market segment, as we have set out to do, our success will translate into solutions for our clients and distribution partners.

Cyber risks continually evolve. How challenging is it to stay ahead of these risks?

The threats are constantly evolving and we’ve developed relationships with law enforcement, IT security firms, and other experts to identify trends and manage our business. While a bad actor’s latest method of attack is important to us, we believe what’s most critical in serving our clients is to remain focused on three key elements: remediation, response, and indemnity. This means providing assistance to effectively respond to and manage the situation when an incident happens, offsetting the immediate costs associated with that incident, and managing any liabilities that may arise. If we can execute on these three elements, then we have delivered on our promise to our customers and distribution partners.

How critical is it that cyber be a priority at the board level and in the c-suite?

We want companies to be prepared. The most critical thing businesses can do to improve their cybersecurity posture is to foster and reinforce a culture of awareness around cyber and privacy issues. Effective enterprise risk management extends from the c-suite and the board to the receptionist at the front desk and the newest intern. A company is only as strong as its weakest link. The culture around data security and privacy should permeate the entire organization so every employee feels empowered to maintain security and protect information.

Would you highlight the strength of Chubb’s team within its cyber practice?

Our cyber practice is truly best-in-class in terms of its depth and expertise. The global, cross-functional network of dedicated individuals who form this practice – from underwriters, claims specialists, and actuaries to risk engineering and data-analytics experts – have established Chubb as a recognized leader in the cyber industry. Our team has built relationships with law enforcement, regulators, IT security experts, data scientists, and legal specialists who are the best in their fields, and we’ve leveraged those relationships to further differentiate ourselves and enhance our capabilities and the services we offer. I’m very proud of the team we’ve built and what we’ve achieved together.