It's been reported many times that regulatory pressure is the biggest factor driving investment in cyber security and the UK is undertaking a review for 2020. This study suggests it's also driving insurance sales...: What is motivating cyber (re)insurance sales? Guy Carpenter’s Cyber Year in Brief and 2020 Outlook explores how the threat of ransomware and associated high costs of regulatory actions have driven clients to purchase cyber insurance cover for the first time, or

This is why it pays to work with a specialist broker. The cover you think you've signed up for might not be all it seems...: [...] Businesses can often find "trapdoors" in cyber and traditional insurance policies where coverage is withheld due to missed provisions that limit funds for specific risks, Scott Godes, partner at Barnes & Thornburg, told CIO Dive. If a business buys a policy for losses related to business email compromise (BEC), it might find the binde

For the insurance industry, this counts as 'rapid response'. Cynicism aside, it's good to see the risk model adapting too the 'new normal'...: Aon has expanded the scope of CyQu Enterprise, a cyber risk assessment methodology, to help analyze the cyber security impacts of recent network access or policy changes businesses have made to accommodate the increase in remote working due to COVID-19. CyQu is an automated cyber self-assessment designed specifically for small-to-m

Like banks have a 'lender of last resort', insurers need an 'insurer of last resort' for events that affect a large proportion of their insured parties...: A European Union framework is needed to provide insurance cover for catastrophes such as pandemics and huge cyber attacks, the Federation of European Risk Management (FERMA) said on Tuesday. This would involve public-private partnerships and could cover events which hit businesses but do not involve physical damage, FE...

This quote from Zurich’s cyber risk engineering global practice leader, Philipp Hurni sums up the current themes in cyber security...: “To make sure that this damage can only have limited impact, companies must prepare for the attack and expect the worst. They are best advised to develop response and recovery plans, and test these plans with relevant stakeholders and be well prepared,” he said, and added: “Businesses need to strive for resilience and have – wherever possible

Many organisations are implicitly covering their cyber risk themselves rather than take out insurance. Contrast with this example of a company (underwritten by a wealthy individual) explicitly offering to cover liabilities for a different set of risks. I'm not sure if this represents 'coercive control' of the board by Musk... [...] Tesla determined not to renew its directors and officers liability insurance policy for the 2019-2020 year due to disproportionately high premium

I think the US government has got this one right. The cyber insurance market is failing to drive behaviour...: [...] Insurance can provide financial incentives for individuals and organizations to better manage their risk. From incentivizing the use of seatbelts and airbags in the automotive industry to pushing for fire suppression systems as a part of building codes, the insurance industry has played an important role in identifying risk management standards for individual

It seems a natural for the credit agencies to have a major role in assessing cyber risk. It was all going so well, until the buzzphrase 'machine learning' got chucked in. [...] Developed by Experian DataLabs, the company's research and development group,  Experian's cybersecurity risk model uses machine learning to bring together data elements, build linkages, and construct a model that may more effectively predict cyber risk based on many critical factors including the cybe