Deloitte advises insurance on how to tackle cyber risks

By Joanna England
Share
As our world becomes increasingly digital, cyber attacks are the next big threat and challenge globally...

As our world becomes increasingly digital, cyber attacks are the next big threat and challenge globally.

According to a statistical survey by Purplesec, cybercrime is up 600% in the US as a direct reaction to the COVID-19 pandemic. To put that in perspective, in 2018, there were 80,000 cyber-attacks per day, or over 30 million attacks per year in the US alone. 

This phenomenon not only poses a huge threat to businesses, it also causes a quandary for insurance companies too, which are responsible for underwriting the damage caused by an unexpected cybercrime.

While traditional insurance companies have resisted the move to digital servicing compared to other industries, their transition period has been accelerated because of the pandemic. A new report by Deloitte looks at how senior insurance executives are managing the numbers of claims relating to cyber-attacks, and solutions for dealing with them both in-house and through new claims.

Taking a holistic view of the industry threats, identifying and managing online security is the first challenge. Deloitte pinpoints areas of vulnerability companies face, ranging from consumer protection, absent exclusions (where cyber risks trigger claims on policies) and silent cyber risks. 

Firms must also look within their own structures to determine whether they are cyber secure, or whether their own procedures are leaving them open to online attacks. 

One of the challenges of preventing cyber-attacks is that there is not a one-size-fits-all solution. Every firm has different structures and operational methods and, therefore, different areas of vulnerability. The report suggests forming a team of experts to manage and troubleshoot digital platforms. 

Claiming for a cyber attack

Identifying and managing silent cyber risk through claims in the insurance industry requires expertise. Many firms requesting claims will not even be aware of some of their breaches, the report points out. Indeed, managers and supervisors must “identify, quantify and manage their cyber exposures in line with regulatory expectations.”

The report also looks at performing analytical tests to track data risks and manage tail risks. Firms are advised they will have to demonstrate effective handling of sensitive data and security systems. 

However, because the frequency and development of new cyber-attacks are so regular, insurance firms may have to insist on bottom-up assessments of a company’s firewalls and digital platforms, to assess how responsible they themselves might be for an attack and what potential payouts would be under-written in the event of a damaging breach.

Demand for new products

Furthermore, the tradition of reinsuring is cheaper than buying into a new policy. But, as the goalposts of cyber warfare are constantly changing, digital security is an area that requires regular assessments. 

Deloitte advises that firms carefully examine the types of damage that cyber-risks pose to insurance customers and how best to tackle those pay-outs in the event of a breach. 

Because of the vast number of cyber attacks that happen, the different levels of damage they cause, and their complexity, it’s essential that insurance firms form a strong criterion within which compensation will be paid or rejected. 

The solution

Deloitte refers to a management strategy, devised by its experts, that insurance companies can adopt. Called the Deloitte Cyber Incident Response and Breach Management System, it comprises a team of experts ready to be deployed in the case of a security breach that requires repair.  

The study also points to companies carrying out regular ‘stress tests’ to monitor the strength of their existing security features and expose new vulnerabilities. 

Share

Featured Articles

GFT and Databricks Forge AI Data Alliance

Discover how GFT and Databricks tackle AI's major hurdles: precision and bias, through improved data integration in finance

Insurers Face Modelling Challenges Amid Regulatory Shifts

RNA Analytics director outlines how IFRS 17 implementation, climate disclosures and AI adoption will reshape insurance risk assessment in 2025

US Bank and One Inc Unite to Reshape Insurance Payments

Move aims to streamline claims processing through digital network, as insurers seek to modernise transaction systems amid rising digital payment adoption

Insurance Software Provider Fadata Expands Global Presence

Insurtech

Top 10: Sustainability Leaders in InsurTech

Sustainability

Allianz: Insurers Focus on Growth Despite Compliance Hurdles

Digital Strategy