Latest News

ENISA: Cyber insurance incomprehensive

By staff reporter

The traditional coverage offered by Europe’s insurance providers may not comprehensively address present-day digital risk, according to the European Network and Information Security Agency (ENISA).

A new report from the digital risk agency, Incentives and barriers to the cyber insurance market in Europe, which calls for a kick-start in the cyber insurance market, identifies a lack of actuarial data on the extent of the risk and uncertainty about what type of risk should be insured against among the obstacles to the development of an effective cyber insurance market.

To address these issues, ENISA makes four recommendations:

•Collect empirical data on cyber insurance in Europe, looking at types of risk insured, premiums paid and levels of payouts to determine future trends. The action could be taken by insurance underwriters, firms or regulatory authorities.

•Examine incentives for firms to improve their data security as a way for them to reduce their risk and financial liability if they breach data protection regulations. Fact finding with the European Commission would be a first step to understanding this area.

•Establish agreed frameworks to help firms put a measurable value on their information. The work could be assisted by privacy and information security advisors, underwriters and the European Commission. ENISA could also provide further support.

•Explore the role of governments as an insurer of last resort, following other models where policy intervention is in evidence when catastrophic risk is involved. This could be investigated by EU Member State governments and the European Commission.

According to ENISA’s executive director, Professor Udo Helmbrecht, this new report indicates that there is potential for Europe’s cyber security policies and legislation must be complemented by a prevention-focused cyber insurance market.

"As well as providing reassurance that proper cover was available, a developed market in this area would help to improve levels of cyber security by putting a true cost on cyber incidents and showing the benefits of implementing good security practices,” Professor Helmbrecht said.

    Share Story:

YOU MIGHT ALSO LIKE

Hospitality sector urges clearer government guidance and more support over pandemic next steps

2022 Predictions: A year of opportunity

2022 Predictions: FCA and Treasury will seek AR oversight improvements


BANNER

Resilience Rooted in Reality
In this podcast, CIR speaks to CLDigital’s Tejas Katwala about why organisations must move beyond checklist compliance to build living, data driven resilience. He explains how rethinking governance, risk and compliance, breaking down silos and focusing on value streams can create sustainable, real time resilience that is rooted in the way businesses actually operate today.

Building cyber resilience in a complex threat landscape
Cyber threats are evolving faster than ever. This episode explores how organisations can strengthen defences, embed resilience, and navigate regulatory and human challenges in an increasingly complex digital environment.

© 2019 Perspective Publishing     Privacy & Cookies