Cyber resilience - The cyber risk challenge and the role of insurance

Return to list

(Contribution of a SCOR expert in an external publication) The digital revolution is affecting nearly all aspects of everyday life. Society and business have become increasingly reliant on technology and the internet. As a result, the availability and security of all services we rely on for daily life, particularly financial services, are exposed to cyber threats and cyber risk.
As a term, cyber risk covers the risks of doing business, including managing and controlling data, in a digital or "cyber" environment. Goods and services are being provided at an ever increasing rate by large scale infrastructure and business projects, underpinned by information technology and the internet. As the environment becomes increasingly interconnected and complex, the tools and expertise needed to exploit the increasing vulnerabilities become more widely available. Consequently, it becomes simpler to carry out an attack. Given the many ways that cyber risk can affect the operation of a business, the costs and impact are uncertain and will be increasingly substantial.
Insurance is not exempt from the impact of these changes, as the industry embraces technology to interact with customers. The sensitive data that insurers accumulate and hold about their customers and the variety of privacy laws that relate to the protection of this information make them a target. The threat for insurers falls into three broad areas: unavailability of IT services, data breach and loss of data integrity.
In light of the continuing evolution of cyber risk, this paper explores two key areas:
1) Practical steps for cyber resilience;
2) The role of insurance in strengthening cyber resilience.

CRO Forum

Return to list

Top of page