Lloyd’s Insurer Says Cyber Risks Are Too Big to Cover

The head of the largest Lloyd’s of London insurers has called for governments to cover the risks of cyber attacks, saying the potential liabilities are too large for insurers to cover.

Stephen Catlin, founder of Catlin Group, said cyber security presented the “biggest, most systemic risk” he had encountered in his 42-year career in insurance, in part because a vulnerability in widely-used software or internet architecture can affect systems globally, putting the industry on the hook for simultaneous, multibillion-dollar payouts.

“Our balance sheets are not large enough to pay for that,” Catlin told the Insurance Insider London conference recently, according to The Financial Times.

In the latest cyber attack against a major US firm, health insurer Anthem reported earlier this week that hackers stole the account information of as many as 80 million customers. Other recent corporate victims include Sony Pictures, JPMorgan Chase, and Target.

Such electronic incursions present an opportunity for the insurance industry to sell more coverage. Policies are designed to help companies meet costs including mounting forensic investigations and defending lawsuits.

But Catlin stressed that cyber attacks are unusually systemic, rather than, for example, a natural disaster that affects only one specific region. “It’s possible that you can have the same loss happening around the globe,” he explained.

Governments have already established state-backed schemes to provide coverage for acts of terrorism, such as Pool Re in the United Kingdom and the Terrorism Risk Insurance program in the US, because the insurance market was unwilling to do so. But Catlin said cyber security posed an even bigger threat than terrorism.

“He’s got a valid point,” Andrew Horton, chief executive of Beazley, a rival Lloyd’s insurer, told the FT. “We’re very mindful of the potential aggregation impact. It’s something governments should be putting a lot of thought into.”

Rob Lay, a security expert at Fujitsu, said businesses should not rely on insurance to protect themselves from a cyber attack. “While insurance may help mitigate some of the financial impact of a security incident or breach, the reputational impact and the impact to the business operation cannot be mitigated with insurance in the same way,” he said in a news release.

Risk Management: http://bit.ly/1O8ZWXH

« Business Is Struggling To Combat Hacking
Israel’s Electrical Grid Cyber Attacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Synopsys

Synopsys

Synopsys delivers trusted and comprehensive silicon to systems design solutions, from electronic design automation to silicon IP and system verification and validation.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

Institute for Cyber Security Innovation - Royal Holloway

Institute for Cyber Security Innovation - Royal Holloway

The Institute for Cyber Security Innovation aims to bring together Academia, Industry and Government to be a catalyst for applied research and innovation in cyber security policy and solutions.

Cryptosense

Cryptosense

Cryptosense provides the first application security software dedicated to the detection and remediation of crypto vulnerabilities.

Risk Ident

Risk Ident

RISK IDENT specializes in supporting enterprises in identifying and preventing criminal activity like payment fraud, account takeovers and identity theft.

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference (AtlSecCon)

Atlantic Security Conference is a non-profit, annual, information security conference located in Halifax, Nova Scotia, Canada.

Adaptive Shield

Adaptive Shield

Addaptive Shield - Complete Control For Your SaaS Security. Proactively find and fix weaknesses across your SaaS platforms.

IntelliGenesis

IntelliGenesis

IntelliGenesis provide comprehensive cyber, data science, analysis, and software development services that provide tailored, secure solutions for your critical data and intelligence needs.

tru.ID

tru.ID

We’re tru.ID, and we're reimagining mobile authentication, one API at a time.

Retruster

Retruster

Protect your users against phishing emails, ransomware & fraud with the most advanced, user-friendly, non-intrusive solution available.

Information Security Officers Group (ISOG)

Information Security Officers Group (ISOG)

ISOG's mission is to strengthen information security through awareness and education programs, promoting community and fellowship among information security leaders.

Data Defenders

Data Defenders

Data Defenders provide information security technology solutions that empower consumers, businesses and governments with safe and secure IT and cybersecurity infrastructures.

dWallet Labs

dWallet Labs

dWallet Labs is a cybersecurity company specializing in blockchain technology. We believe that the future of Web3 relies on cutting edge cryptography and unabated security.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

Xcelerate Solutions

Xcelerate Solutions

Xcelerate Solutions is a leading defense and national security company, providing integrated solutions in three service areas – Enterprise Security, Digital Transformation, and Strategic Consulting.

IT Voice

IT Voice

IT Voice specializes in Managed IT and VoIP solutions. Our focus is simplifying the technology so our customers can stay focused on what they do best.