Lloyd’s Insurer Says Cyber Risks Are Too Big to Cover

Uploaded on 2016-02-01 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Resilience

The head of the largest Lloyd’s of London insurers has called for governments to cover the risks of cyber attacks, saying the potential liabilities are too large for insurers to cover.

Stephen Catlin, founder of Catlin Group, said cyber security presented the “biggest, most systemic risk” he had encountered in his 42-year career in insurance, in part because a vulnerability in widely-used software or internet architecture can affect systems globally, putting the industry on the hook for simultaneous, multibillion-dollar payouts.

“Our balance sheets are not large enough to pay for that,” Catlin told the Insurance Insider London conference recently, according to The Financial Times.

In the latest cyber attack against a major US firm, health insurer Anthem reported earlier this week that hackers stole the account information of as many as 80 million customers. Other recent corporate victims include Sony Pictures, JPMorgan Chase, and Target.

Such electronic incursions present an opportunity for the insurance industry to sell more coverage. Policies are designed to help companies meet costs including mounting forensic investigations and defending lawsuits.

But Catlin stressed that cyber attacks are unusually systemic, rather than, for example, a natural disaster that affects only one specific region. “It’s possible that you can have the same loss happening around the globe,” he explained.

Governments have already established state-backed schemes to provide coverage for acts of terrorism, such as Pool Re in the United Kingdom and the Terrorism Risk Insurance program in the US, because the insurance market was unwilling to do so. But Catlin said cyber security posed an even bigger threat than terrorism.

“He’s got a valid point,” Andrew Horton, chief executive of Beazley, a rival Lloyd’s insurer, told the FT. “We’re very mindful of the potential aggregation impact. It’s something governments should be putting a lot of thought into.”

Rob Lay, a security expert at Fujitsu, said businesses should not rely on insurance to protect themselves from a cyber attack. “While insurance may help mitigate some of the financial impact of a security incident or breach, the reputational impact and the impact to the business operation cannot be mitigated with insurance in the same way,” he said in a news release.

Risk Management: http://bit.ly/1O8ZWXH

« Business Is Struggling To Combat Hacking
Israel’s Electrical Grid Cyber Attacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZDL Group

ZDL Group

At ZDL (formerly ZeroDayLab) we take a comprehensive view of our clients cyber security risks and provide quality services to address those risk

Virtual Security

Virtual Security

Virtual Security provides solutions in the field of managed security services, network security, secure remote work, responsible internet, application security, encryption, BYOD and compliance.

UpGuard

UpGuard

UpGuard's discovery engine brings visibility to complex IT environments, enabling teams to identify risk, confirm compliance and make business safer.

Redspin

Redspin

Redspin provide penetration testing, security assessments and consulting services.

Exein

Exein

Exein are on a mission to build the world’s first ecosystem for firmware security so that all different types of firmware are secure around the world.

Cyber Defense Agency (CDA)

Cyber Defense Agency (CDA)

Cyber Defense Agency is a premier professional services firm specializing in cyber security, computer network defense, and information security.

SoSafe

SoSafe

SoSafe empowers organizations to build a security culture and mitigate risk with its GDPR-compliant awareness programs.

Scanmeter

Scanmeter

Scanmeter helps identifying vulnerabilities in software and systems before they can be exploited by an attacker.

AgileBlue (Agile1)

AgileBlue (Agile1)

AgileBlue (formerly Agile1) is a managed breach detection company with an Autonomous SOC-as-a-Service for 24×7 monitoring, detection and guided response.

Exium

Exium

At Exium we’ve integrated networking and security in a cloud-delivered Zero Trust platform powered by 5G and open source.

Metallic.io

Metallic.io

Metallic (formerly TrapX) is a SaaS portfolio for enterprise-grade backup and recovery, designed to protect your data from corruption, deletion, ransomware, and other threats.

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

Blue Cloud Softech Solutions

Blue Cloud Softech Solutions

Blue Cloud Softech propels inspiring digital transformations. We provide AI products, cybersecurity, healthcare technology, and cloud solutions.

Winslow Technology Group (WTG)

Winslow Technology Group (WTG)

Winslow Technology Group is a leading provider of IT Solutions, Managed Services, and Cybersecurity Services dedicated to providing exceptional business outcomes for our customers since 2003.

CyTwist

CyTwist

CyTwist is an early warning attack detection platform that complement your existing security suite and provides your security teams with unique detection capabilities of stealth targeted attacks.

RealmOne

RealmOne

RealmOne addresses the most challenging issues in the realms of defense and cyberspace, adapting to the continuously changing demands of our national security customers.