With Insurtech, it is more threatening than ever: Cyber Risk

As a more connected world with billions of sensors, connected machines, totally digital processes, trillion terabyte of new data and strict regulations on data privacy, cyber risk appears as a big threat on their digital transformation journey of insurance companies.

Actually, cyber risk was always there and companies had been managed it without detailed policies or billion dollar covers. But, the conjuncture is changing dramatically. In our century, managing cyber risk is a full-time job and requires big budgets. With 2017 figures, gross written premium of cyber risk policies is nearly 3,1 billion USD and it is expected to reach 14 billion USD just  in 5 years. Insurance professionals expect a rapid growth because cyber risk is now threating not just financial statements, but also existence of companies from every business.

As a sub-type of operational risk, cyber risk is defined as “exposure to harm or loss resulting from breaches of or attacks on information systems”. According to other risk types, managing cyber risk seems still like maiden soils. In frontline of policies, there are covers for business interruption, reputation loss and possible physical damages. However, it is obvious that there is lack of clear understanding about how much cyber risk has policy owners.  If we look from point of maturity, cyber risk management is still in the very early stage of risk management: I don’t know what I don’t know!

As a result of new capital regimes and strict regulations, like GDPR, Solvency II, MiFID II, there is a remarkable increase in sales and acquisition activities among companies from every sector and cyber risk appears as a new key indicator during M&A due diligence processes as well. As professionals said, “four or five years ago, cybersecurity due diligence consisted of asking few questions in a short phone call”. But now, maturity of cyber risk management of a company terminates a very profitable M&A process just in few days without any deal or with a deal very low than normal price. So, insurers appear as due diligence partners of companies during their cyber risk management. As all we know, the acquisition process of Yahoo Inc. was radically changed right after Verizon Communications learnt about three billion Yahoo accounts were stolen. Accordingly, the proposed purchased price was reduced from 4,48 billion $ to 350 million $! Sometimes, companies discovered their hacking history during due diligence processes. When Home Depot Inc. was preparing itself for a fair proposal to its rival, The Company Store, they discovered that e-mail and payment card information of up to 56 million customers was stolen and nobody knows about this breach in the Company Store! I cannot be sure, which one is worst.

Cyber risk is climbing to top of CEO’s nightmares steadily. Ironically, even it is a trigger for increasing of cyber risk; insurtech is the unique tool for also managing cyber risk.

#CyberRisk, #Insurtech, #RiskManagement, #GDPR, SolvencyII, #MiFIDII, #ZeynepStefan

 1,105 total views,  1 views today