Cyber Security or Cyber Insurance! Navigate your Insurance Business
Insurance is complex. It’s not like buying a T-shirt or grocery, when an individual or firm buys a insurance they are buying a promise. It’s a promise that any disaster happens your carrier is going to assist them to rebuild their business again. So customers plays a vital role in the insurance industry and exceeding their expectations is not so easy.
Customers shows trust towards your firm, when they buy any policy from you.
Undoubtedly it’s your responsibility to keep their data secure and maintain that level of trust which they have in your firm.
It is rightly said by Shep Hyken, a customer service expert that “Satisfaction is a rating. Loyalty is a brand”. But the concern with data security is increasing day by day, due to which insurance carriers are frazzled, as the cyber attack is continually damaging firm’s reputation.
Now it’s a big question among insurance carriers and agents, that they should go for Cyber security or cyber insurance?
This year, a report co-written by Lloyd’s of London and Cyence found that the average cost of a major cyber attack could soon reach $67.1 billion. Now the cyber threat has become so massive, that businesses are thinking, what measure they should take to protect their firm and minimize the damage?
Cyber Insurance is a fast emerging and still immature sector that looks to protect businesses from cyber based risks. An event on cyber insurance was held on Thursday 21st September 17, Managing Director at FTI Consulting, Dawna Wright described cyber insurance as, “ quantifying what might be at first seem unquantifiable”.
Pip Wyredman is the senior adviser for Cyber Policy in the Department of the Prime Minsiter, who has been only for one year in Cyber Insurance, but has already submerged into that murky world. She said, “ There are many impacts from a cyber incident, some can be insured against and some can’t. It is easy to see how the loss of one’s computer system can be insured against, and it is possible that loss of incomes might be insured against”. But according to her the situation becomes confusing on; where you have stored your personal and financial data about customers or clients and that is what get ex filtrated.
This is what actually happened in the United States in 2013, when the credit card and personal information of 110 million target customers was compromised, thanks to a major breach. Because after that the impact of this attack was global on a personal, financial and organizational level, but ultimately unquantifiable, demonstrating the difficulty cyber insurance underwriters faced.
So it has become confusing that, “Who should be insured in such a scenario? Who needs to be insured for what?” The Chief Information Security Officer for the NSW government, Maria Milosavljevic added a point that, “ You can’t outsource accountability, so you point the company and say they are fully responsible, accountable and liable. And you can’t point to the individual and say you shouldn’t have provided your data. And what exactly is the harm? The harm is not visible for years”.
She asked for a systematic and significant change in the structure, so that the world starts moving towards mutual responsibility. Because taking responsibility around cyber crime, may take shape in the form of mitigation.
Before investing in cyber security programs, companies should get better equipment to withstand an attack,so that they become less dependent on cyber insurance.And this might create a change in the insurance industry….!
At the end of the discussion Wyderman said that, “We can only raise awareness and teach people among insurance sector, until the cows come home. But I believe that people need to be self-motivated to act before going through a heavy regulatory path”
Key takeaways-
The insurance carriers across the globe have to take some preventive measures to secure their data, even when they are outsourcing insurance back- office process, policy management process, claims management process and commission management to a reliable industry, so that they could not become the target of these cyber attack and spoil their reputation in the market that will eventually lead the business towards insolvency.
