Skip to main content

Cyber Insurance - a way for risk mitigation

By Sanjeev Srinivasan, CEO & MD, Bharti AXA General Insurance 

The recent spike in occurrence of cybercrime across the globe has made it obvious that it is no more a question of “whether” but a question of “when”. The average cost to the organization of these breaches is estimated to be close to 5 million USD. Multiple analyst reports place the average cost per breached record between USD 78 and USD 277. This cost is attributed to investigation and remediation activities, notifications to be sent to customers and other stakeholders, change in credit worthiness, reputation management, legal fees and settlements and any regulatory fines arising from the breach. Add to this the intangible loss to the brand value and the change in customer behavior in response to the breaches.

Organizations no more have the luxury of imagining that they will not be targeted by malicious hackers. Remember that the hacks need not just target the data an organization holds - the compromised systems can also be used to launch an attack on third parties it interacts with. In such a scenario, the organization may be held liable for the damage caused to the third parties. While a commitment to security is must, it is impossible to make any system 100% foolproof. As such, it has become inevitable for organizations across industries and sizes to develop a good cyber risk management approach.

A sound cyber risk management plan will include increased cyber resilience through response and recovery, contingency planning, and as a last resort mitigation and transfer of financial risk through cyber insurance. The cyber insurance market is still nascent, and even in the markets where take-up for commercial property and liability insurance approaches 100%, cyber insurance is purchased by anywhere between 20% to 35% of businesses based on the industry and size of the organization. The variation based on size and line of business indicates that the low adoption rate is because of a lack of awareness in the market.

An analysis of cyber-attacks over the last 3 years makes it clear that an organization’s defense is only as strong as the weakest vendor they interact with. Hackers have launched attacks on Fortune 500 companies using credentials they got off vendors like air conditioning and food delivery companies. The substantial difference in procedures and protocols followed at large and small organizations forces the larger player to fall back on cyber insurance as a way to transfer the risk arising from the weak links they have little control over. It is no surprise that while the take-up rates have increased in both small and large organizations, the gap between the two segments has actually increased over the last 3 years.

The very act of applying for a cyber-insurance incentives behavioral change in an organization. Simple desire to get the coverage at as low a premium as possible drives the organization to conduct gap analysis. The very first ask from underwriters is that all significant activities are logged against individual users and therefore login to the system are secure. Additionally, they require organizations to have disciplined procedures for patching software and put in place an incident response plan. They would also want to know if vendor networks are monitored regularly. Organizations would want to measure upto industry benchmarks like NIST framework and ISO 27001 as that would result in lower cost of insurance.

Further, once a policy is purchased, the insurer is invested in keeping the damage from any cyber-attacks at the minimum. This results in an additional layer of security through monitoring and rapid response services provided by the insurer to their policyholders.

Comments

Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…

The Workplace of the Future

By: Arnab Ghosh – Director, Synergy Property Development Services)
Workplaces are undergoing a major transformation today to stay relevant. Conventional space planning and design approach for office space are slowly but steadily changing across the globe. What was a trickle a decade back is snowballing into a movement as we speak? The nature of the work we do and the time we spend in our workplace is driving this change. 
The Social Workplace The original office in the west was originally based on the factory floor design. The Workers occupied the maximum space followed by Managers and the Senior Executives in their glass cabins. The term “productivity” also has industrial roots. There were well-defined tasks and targets for the employees to achieve in their working time. All these have changed drastically over the last few decades and going to change further in the future. The culture of organizations has to adapt to this change to stay ahead and retain talent. Productivity is no long…