 |
| Booming Cyber Insurance Market: Cyber Security in Germany and Europe |
| Oliver Delvos, Senior Underwriter Cyber Risk | Practice Leader FI Cyber for DACH region (Austria, Germany and Switzerland) The number of cyber-attacks on businesses is increasing. Encryption of data and extortion are among the most widely used methods. Effective protection is available through tailored solutions only. |
| Companies that become victims of cyber-attacks are in good company. Cyber crime and ransomware have been an increasing cause of cyber claims among small and large businesses, as AIG's European data report on cyber insurance claims events reveals. Two developments become quite clear: The attacks are increasingly intelligent and professionally implemented. The attackers have become expertly organised and are choosing their targets carefully before starting their attack. On the other hand, the increasing interlinking of companies in the context of "Industry 4.0" has made it more difficult to isolate attacks. They can therefore inflict claims to a company in several areas. The cyber criminals are targeting all sectors of the economy. From machine and plant engineering to financial services providers, chemical and pharmaceutical companies as well as the electrical engineering and the automotive industry. These sectors are exposed in different ways. A rethinking process needs to start in all companies. Data security and data protection must become an essential part of risk management. For a long time already, IT security is no longer a purely technical issue. Rather, it is to be understood as a continuous process and a part of any risk analysis. The second most frequent cause of data loss or data theft are negligent or even deliberate acts of own employees. IT security is often the responsibility of the IT department. The decisive factor for success, however, is a coordinated and collaborative commitment by all parties including the management, IT, compliance, the respective technical departments as well as the legal department. They should work closely together concerning cyber security. In the entire process of risk prevention, a plan for the continuation of the operation (keyword: business continuity plan) is one of the most important aspects. Having a plan - ideally a regularly tested one - how to react in the event of an attack, can save valuable time and contribute to greatly limiting the claim. When an attack takes place, the organization is often overwhelmed, panic sets in, and it may happen that the claim is made worse by hasty actions instead of minimizing it. A good business continuity plan also has to look at the extent to which resources are available internally, or whether external experts need to be involved. Ongoing interlinking makes it increasingly difficult to separate the individual risks from each other. Especially, if policies include data stored with external services providers. Therefore, accurate tracking of the insured risks is indispensable. AIG therefore advises its customers to adjust all their insurance solutions to their individual needs. Businesses should ask themselves three important questions:
The market for cyber insurance is booming and more and more insurers are pushing onto the market with their solutions. For companies it is important to bear in mind that the low premiums of a provider result in insufficient coverage in a claims event. Companies should therefore carefully examine the individual risks and services to be covered by a policy. For example, it should be ensured that a number of emergency services are included to ensure rapid notification of the insurer and claims processing. |
| © 2017 American International Group, Inc. Alle Rechte vorbehalten. |
 |