Cyber Insurance: A look at recent advances, good practices and challenges by ENISA
ENISA recognising the growing need of insurance companies and customers alike, developed a report, focusing on key developments, challenges, and an insurers’ pre-policy risk assessment.
Published on November 07, 2016
The aim of the report is to raise awareness for the most impactful market advances, by shortly identifying the most significant cyber insurance developments for the past four years – during 2012 to 2016 – and to capture the good practices and challenges during the early stages of the cyber insurance lifecycle, i.e. before an actual policy is signed, laying the ground for future work in the area.
Member States understanding the importance of addressing cyber-risk, have taken relevant action by publishing guides of good cyber-hygiene[1] [2]. Insurance federations have also shown a great interest in cyber-insurance, with actions taking place both at the European and national level.
A rising concern among a number of insurers is found to be the uncertainty around accumulating risk[3]. A subset of key recommendations, for the betterment of the cyber insurance constituency, to policy makers, insurance companies, and future customers include:
- To policy makers: avoid the introduction of mandatory requirements that might undermine the cyber-insurance market adoption rate
- To insurance companies: a) consider adopting common standards and methodologies, b) introduce explanatory sessions, and provide customer scenarios and generic examples of policy coverage and c) clarify the policy language and offer a transparent underwriting process
- To cyber insurance customers: get informed, prepare and document the environment before requesting a cyber-insurance policy.
The report is targeted primarily at insurance companies, to either benchmark themselves against the market trends, or evaluate good practices before entering the market. Additional beneficiaries are customers interested to adopt a cyber insurance policy. Founded to address residual risk, the cyber insurance market is anticipating a growth in both technological and sales volume terms; a growth that is expected to be further accelerated by the legislative additions of the GDPR and NIS Directive.
Full report is available here
For interviews and press enquiries please contact press@enisa.europa.eu
[1] France, ANSSI “40 essential measures for a healthy network” http://bit.ly/2dr6nbA
[2] United Kingdom, Department for Business, Energy & Industrial Strategy “Cyber essentials scheme: overview” http://bit.ly/1hkkmdz
[3] For example, in the event that an incident would occur an insurer cannot be certain about the number of customers that would be affected.
Stay updated - subscribe to RSS feeds of both ENISA news items & press releases!
News items:
http://www.enisa.europa.eu/media/news-items/news-wires/RSS
PRs:
http://www.enisa.europa.eu/media/press-releases/press-releases/RSS