Other parts of this series:
Insurers are uniquely placed to help their customers counter the increasingly ominous threat of cyber crime. They possess considerable experience, expertise and resources in the business of managing risk. There’s a huge opportunity for carriers to apply these assets to assist their customers to strengthen their cyber security. The benefits for both parties are likely to be substantial.
In my previous blog I highlighted the urgent need among organizations around the world for help in combating the dangers of cyber crime. Research conducted by Accenture and the World Economic Forum shows that fear of cyber attacks is most executives’ biggest headache. Seventy six percent of business leaders believe the likelihood of malicious attack to be “very or extremely high.” Another 68 percent estimate the likelihood of privacy breaches of personal data to be high.
Organizations around the world are being targeted by cyber criminals. Yet, few have adequate measures to respond and recover from a data breach or system shut-down. Insurers, I believe, often underestimate how well-placed they are to help their customers manage the risk associated with such threats.
Sometimes an outside perspective helps us see our own industry more clearly. The U.S. Treasury recently highlighted how the underwriting conducted by insurers could help organizations strengthen their data security. By asking the questions necessary to cover cyber risks, insurers can help organizations identify the tools and practices they need to counter this threat. The underwriting process, says the U.S. Treasury, can also help organizations gauge whether cyber security is sufficiently embedded in their risk management strategy. Key questions include:
- Does the organization have a cyber-incident response plan?
- Are subcontractors and suppliers evaluated to ensure their adherence to the organization’s cyber security standards?
- Does the organization conduct basic cyber hygiene such as regular scanning for malicious activity, patching of software, and multistep identity checks to access internal networks?
The digital economy has dramatically increased the scale and scope of the risks that must be managed. They go beyond the traditional boundaries of the organization and include an ever-growing volume of digital connections with suppliers, partners and customers.
Furthermore, risk management is no longer just an exercise in limitation. It’s not only about trying to stave off disaster. The digital environment is highly interconnected and extremely fluid. Sooner or later something harmful is going to slip past the defenses. An extensive understanding of all potential hazards is vital so that organizations can respond quickly and effectively and limit the damage to their business and its brand.
Insurers have extensive experience and expertise in managing risk. They can play a key role in helping their customers meet the critical demands of risk management in the digital economy. They can guide their customers as they attempt to identify the risks in their business universe. They can act as trusted partners as the organizations put the strategies, technology and governance in place to manage and respond to these risks. And they can provide specialized insurance products and services that address these risks. Such support would strengthen carriers’ ties with customers and provide a solid platform for long-term revenue growth.
In my next blog I’ll discuss how some insurers are responding to the market opportunities created by the need for robust and resilient cyber security.
Until then, these links are likely to be useful.