With contributing editor, Ryan Schradin, away in the wilds of the Pacific Northwest this week, I’ve been tasked with finding the most interesting and relevant stories on cyber insurance to share with our readers. We’ve already published one this week on Insurance Tech Insider, a great interview with insurtech industry expert, Lauren Effron. In the interview she shared that companies must overcome their reluctance to buy cyber insurance and make it a fundamental part of their business planning and processes.
This, it seems, is a sentiment that is widely shared by both cyber security and insurance industry experts. While the insurance experts might have some pecuniary interests in recommending cyber insurance, tech executives seem to be responding to the data regarding the prevalence of cyber attacks against companies of all sizes and the damage that leaking personally identifiable information (PII) is doing to reputation and the bottom line.
Here are the top stories to read this week:
Cyber Insurance Will Help Improve Data on Cyber Attacks and Risk Modeling
One of the reasons that corporations might not be buying cyber insurance is that the data on the frequency and extent of cyber attacks is still not sufficiently compelling. Matt Honea, cyber manager at Cyence, a cyber risk modeling company that was recently acquired by Guidewire, said in a recent interview with Insurance Journal that the cyber insurance market is growing, but that it needs to develop in order “to have a robust model in place.”
Without sufficient data about cyber risk there are difficulties for underwriters in writing viable policies or having common criteria for denying a cyber insurance policy, Honea shared. However, it’s kind of a chicken and egg problem because without cyber insurance there’s a lack of reporting on cyber attacks, but in order to build viable policies insurers need data.
How would Honea and Cyence solve this problem, read on to find out.
Fitch Ratings Inc., Sees Growth in Cyber Insurance Market from GDPR
Meanwhile, Fitch Ratings Inc., posits that The European General Data Protection Regulation (GDPR) will spike demand for cyber insurance, not just in the EU but globally. The new EU data protection rules, which come into effect in May 2018, will have stringent requirements for organizations regarding breach notification that will not only increase awareness “about the prevalence of breaches” but will also give the EU the authority to level hefty fines against organizations that expose PII as part of a data breach.
Because the GDPR applies not only to companies headquartered in European Union member states but all organizations doing business or holding the data of EU citizens, this mandate has global reach. In other words, it could be the game changer the insurance industry has been looking for. Here’s the whole story about how the GDPR will reshape the cyber insurance field.
The Third Wave of Cyber Insurance? Wait! What Were the Other Two?
Last week on Accenture’s insurance blog, Werner Rapberger, Principal Director – Distribution and Marketing Practice for Insurance, wrote an insightful article on the third wave of cyber insurance. While we’re still not certain there were ever any other waves of cyber insurance, given how reluctant companies are to buy into the marketplace, Rapberger makes a strong argument for why now is different for both insurers and their customers.
Citing “[t]he interconnectedness of everything—driven by the Internet of Things (IoT), cloud, social, analytics, mobile, telematics and the automation that Industry 4.0 brings” as the reasons for an increase in the frequency and severity of cyber attacks, Rapberger warns that offering cyber insurance policies presents just as much risk as opportunity for insurers.
While the market for cyber insurance is large, according to Allianz it will be approximately a $20 billion opportunity by 2022, without partners with “advanced cyber security skills and capabilities,” the opportunity might not be quite as lucrative. The good news is that Rapberger is developing a six part series on cyber insurance, including ways in which carriers can manage risk.
To find out more click here.
To learn more about insurance technology best practices and trends, subscribe to Insurance Tech Insider’s newsletter here. If you’d like to share your professional insights about the industry, please reach out to us here.