The digital revolution is bringing many benefits to society and business, but the growing reliance on information technology and the internet is increasing the exposure to cyber risk. For insurers, this threat stems from the sensitive customer and company data they hold which make them vulnerable to disruption of IT service availability, data breaches and losses of data integrity.
The paper offers practical steps to enhance existing cyber risk management frameworks and examines the role that insurance can play. Traditional focus on IT security is no longer sufficient and equal focus is needed on preparing for, protecting against, detecting and improving resilience following security incidents.
Insurance can play a key role in improving society’s overall resilience to cyber risk. The insurance market for cyber risk is continuing to evolve in light of more frequent, more sophisticated and more high profile cyber-attacks and changes to regulatory frameworks. The paper outlines risk management steps on the codification of cyber risk, understanding cyber risk exposure accumulation and risk management framework needed to support a well-functioning insurance market for cyber risk.
In both respects, risk management should look to foster increased cross functional collaboration and communication with colleagues as way of bolstering organisations’ Cyber Resilience.