1800 2666
Live Chat
(Please enter words below)
x
x

Please enter your details

Please enter the name
+91 Please enter the mobile number
Please select the product
(Please enter words below)

Live Chat

May I help you?

Begin Chat
expert_blog
 

India Inc must step up on cyber insurance

Posted by - ICICI Lombard, GIC Ltd.
June 04 2017

As cybercrime becomes a daily phenomenon, corporate and insurance firms should work together to fight the associated risks

Cybercrime is back in the news, with the recent ransomware attack WannaCry that struck users and firms across the world. Impacting over 200,000 computers in more than 150 countries, it held people and organisations to ransom and at the mercy of cyber-attackers.

While this incident might have brought the topic back into the limelight, cybercrime is already a day-to-day phenomenon. More than 4,000 ransomware attacks occurred every day across the globe in 2016 — up from 1,000 attacks a day in 2015. Cybercrime damages cost the world $3 trillion in 2016; this figure will rise to $21 trillion, according to experts. Further, cyber malwares are spreading to smartphones and other devices.

Indian companies and users are equally at risk. At nearly the same time when the ransomware attack occurred, 17 million user records were stolen from a prominent Indian food portal, despite these being stored in an encrypted format. We have already witnessed one of the biggest ever breaches of financial data involving 3.2 million debit cards in India in October 2016.

Cyberattacks impact firms irrespective of industry and size. Globally, health care, financial services and retail have been the most impacted by cyber breaches. In case of India, the impact is cross-industry, irrespective of whether the sector is consumer-facing or not. Financial services, pharma, oil and gas, apart from information technology (IT), have been the key targets of cyberattackers. According to recent surveys, while Indian executives acknowledge cybercrime as a serious threat to their organisations, few companies have made it part of their board agenda. Three in four companies do not conduct a detailed cyber risk assessment nor do they have any cyber incident response plan in place. This indicates that India Inc is largely oblivious to the critical damage that cybercrime can inflict on business.

Having said this, some organisations, especially the larger ones in the banking, financial services and insurance and IT space, are ensuring that they build robust cyber security defences. However, these firms are exposed to another risk — their partners and vendors have inadequate or lax security controls. Cyber hackers exploit this weak link to tunnel into systems and networks of companies. Another cause of concern is data that resides on the cloud. The shared, ondemand nature of cloud computing introduces the possibility of new security breaches. A cloud environment faces threats similar to traditional corporate networks, but due to the vast amount of data stored on cloud servers, providers are potential targets for a cyberattack.

Though cyber risk is acknowledged as a critical threat to business today, investments in cyber insurance remain small. The global cyber insurance market is estimated at $4 billion and is expected to grow to $20 billion by 2025. The Indian cyber insurance market stands at ~300 million and should expand to ~750 million by 2020. While these forecasts convey a major uptrend, they may not be sufficient given that technology-related risks will only grow in size and frequency in the new tech era. More importantly, this new-age risk is vastly different from traditional risks such as fire or marine losses. It does not remain confined to a pattern nor can it be entirely restricted by a defined set of preventive actions.

Insurers have been gearing up for this new-age onslaught. They have been enhancing their roles by offering consulting, communicating and constituting futuristic solutions. Further, industry leaders are coming together through platforms such as the World Economic Forum to define and draft recommendations on mitigating risks in the tech and cyber-enabled era. The industry has already demonstrated that it can be a source of guidance in advance of a breach and post breach. For instance, having dealt with incidents of many ransomwares in the past, insurers were in a position to guide their clients during the WannaCry attack to take appropriate action and worked jointly with their legal, communication and security teams to respond effectively.

On the product front as well, cyber insurance has evolved with time. The first “internet insurance” covers were introduced in the late 1990s to address exposure to online content or software. They were offered as an extension under professional indemnity policies with smaller limits. With the enactment of data privacy law in the US, a stand-alone cyber insurance product was conceived. At present, the principal cover under the policy is for damages and legal costs in connection with a data breach. It also pays for various costs associated with the company, negating an impact on its reputation — that is, costs for notifying customers, hiring reputation management agencies and credit monitoring services for affected customers. In addition, the policy pays for cost of forensics investigation and expenses incurred in recreating any lost data. In case of a cyber extortion situation like WannaCry, the policy will pay the ransom as well as costs of a specialist engaged to handle such a situation. In case of an outage of services (denial of service attacks) due to a cyberattack, loss of profits are also covered.

As the cyber risk situation evolves, insurers are focusing on addressing business interruption losses caused by cyberattacks. Coverage for lost earnings due to customer attrition as a result of network breach is also being introduced. Further, as comprehensive legislations are put in place, insurance offerings are being aligned beforehand to meet regulatory requirements.

Cyberattacks are bound to increase in the future. It is up to corporate and insurance firms to join hands to work cohesively to fight these risks. For insurers, this presents yet another opportunity to add value to the ecosystem by taking up the risk manager position in the new-age innovation economy.


Source: Business Standard

Write a review

Related articles

06

July 2014
  • How to maximise your motor insurance cover

    Motor insurance has evolved significantly over the years. Consumers today can look forward to a host of additional covers as well as assistance services thus deriving maximum value from their motor insurance policy.
    Posted By - ICICI Lombard
    Read More

18

July 2015
  • Insured Declared Value and Total Loss - An Insight

    More often than not, the insured find themselves in a fix and anxiety takes over when their insured vehicle is seriously damaged and/or destroyed. Judgements about actual losses exceeding the sum insured make them even wearier.
    Posted By - ICICI Lombard
    Read More

01

October 2013
  • Online Motor Insurance - An Industry Snapshot

    When it comes to investing in a motor insurance policy, one looks for a plan that adequately covers and offers adept financial assistance during vehicle damage, theft, and road accidents.
    Posted By - ICICI Lombard
    Read More

12

January 2015
  • Safety Above All Health Insurance

    Several years of financial planning and meticulous savings helped Rakesh Mishra to plan the purchase of his new car. However, destiny had something else in store for him.
    Posted By - ICICI Lombard
    Read More

12

April 2014
  • Significance of Motor Insurance

    It is imperative for a driver to own a motor insurance. Motor insurance is legally required in almost all the countries in the world. Owning a quality motor insurance protects the driver, the passengers and their vehicle.
    Posted By - ICICI Lombard
    Read More

05

February 2017
  • Our MD & CEO Mr. Bhargav Dasgupta's view on the Union Budget 2017

    The Union Budget was a much awaited event post the demonetization drive, a momentous step by any standard. While many were expecting the budget to provide sops to balance the short term impact of the drive, I think the Government has done well to present a prudent balance sheet that focuses on the long term growth prospects of the nation and gives a boost to those areas that form the backbone of the Indian economy. To my mind, the focus on agriculture growth, digitization, infrastructure development and enabling cashless transactions will give the necessary fillip to India’s long term growth engine.
    Posted By - ICICI Lombard
    Read More