Call For Public-Private Cyber-Catastrophe Reinsurance Scheme In The UK

Public-Private Cyber-Catastrophe

The increasing risks from cyber threat could result in the United Kingdom (and other countries) being exposed to “catastrophic consequences” that could never be covered by existing insurance cover – with single event estimates ranging from between £2 billion to £20 billion ($3 to $30 billion). However, a public-private cyber-catastrophe reinsurance scheme would help the UK cyber-industry flourish by accelerating the much-needed growth of cyber insurance.

According to a newly released report prepared by the London-based Z/Yen Group, cyber-risk has the very real potential to be “the biggest, most systemic risk” ever. In addition to being systemic, it is also financial. And as we move towards “the fabled” Internet of Things (IoT), this risk will grow exponentially. Whether computer outages are caused by power failure, a super solar storm, or cyber-terrorism, the results could result in massive business interruptions and property damage that the insurance industry simply won’t be in a position to cover.

“Our potential nightmares range from destruction of the contents of all freezers, to massive pile-ups of autonomous vehicles, to interference with medical devices implanted in people,” says Stephen Caitlin, Executive deputy chairman of XL Caitlin in the foreword of the report.

While insurance plays a major role when it comes to managing major risks (fire, flood, theft, aviation, shipping, automotive, employer’s liability and so on), the system and global nature of cyber-risk restricts the ability of insurers to manage this risk, he says. While expected by regulators to manage their balance sheets, Insurance Companies acknowledge that these balance sheets simply aren’t big enough to pay for “a true cyber-catastrophe.”

While insurers and reinsurers shouldn’t be afraid to add “real risk” to their balance sheets, if the risk is not “containable” then they aren’t going to be able to honor their promise to pay out, Caitlin maintains.

Following a four-month study

  • Considers and discusses the nature of cyber-risk together with potential cyber-catastrophes, and
  • Recommends a public-private cyber-catastrophe reinsurance scheme for the UK that will help insurers tackle the problems of cyber-risk proactively.

Additionally, it examines a number of reported cyber attacks from 2007 to 2014, in Estonia, Myanmar, Iran, the US, and Germany. It also compares terrorism risk insurance programs in Australia, France, Germany and the UK.

The Real Threat of Cyber Attack

There is no contest that the prosperity of the UK (and other countries) depends on information and communications technology (ICT) in an increasingly cyber-based world. However, as dependence on “cyber” worldwide grows, cyber attacks are becoming more sophisticated, more common, and more damaging.

But as real as cyber-risk is, the extent of cyber-attack and the damage done isn’t known since many victims don’t publicize attacks. In fact, as the report points out, many individuals don’t have any knowledge of daily hacking attempts made on their own computer systems, never mind the infrastructures and utilities that support these systems.

Cyber Risk and Cyber Insurance

While traditional risk management relies on “reasonable estimates of impact and likelihood,” the concept of cyber insurance is limited. There is some cover available in the UK, but there are also cyber attack exclusion clauses. A major problem is that one single cyber event can trigger multiple claims by a number of clients, all of whom have different insurance policies. Similarly, a single cyber event can draw attention to past cyber attacks, and this could trigger multiple claims across multiple underwriters. This aggregation of claims in the event of some sort of cyber-catastrophe would prevent the ability of insurers to underwrite business interruption costs, regular property damage, and third part liability cover (which would include cyber).

A report by the UK Government and Marsh, released in March this year, considered the role of insurance in managing and mitigating the risks of UK cyber security. It found that without reinsurers, insurers find it difficult to write cyber insurance. At the same time, reinsurers need “significant scale” if the pooling effects are going to make reinsurance possible.

As the risks of cyber attack continue to grow at an increasingly rapid rate, the traditional insurance tools (shared learning and risk management) must be grown quickly and deployed the Z/Yen Group report states. Ultimately, cyber-catastrophe reinsurance is essential for business interruption, property damage, and third party liabilities.

The report suggests that a public-private scheme could be new, or it could be implemented as an extension to the existing Pool Re for terrorism. Either way it was improve the cyber resilience of the UK and improve its competitiveness as “an attractive economy to locate cyber business.”

By Penny Swift

Thomas Franklin

Future of Stock Markets : Raising Capital Through ICO is 10x cheaper and 20x easier

Future of Stock Markets: Raising Capital Through ICO How blockchain will replace the stock markets as we know them today. Welcome to the future. It’s a beautiful Monday morning of 5th June, 2023. Jane wants ...
Armen Najarian

Martech: Brand Marketing is the New Demand Generation

Martech: Brand Marketing First, An Apology Sorry, demand generation professionals. We still love you and your jobs aren’t going away. But, as you are well aware, the B2B buyer journey has changed—dramatically. Your roles, measurements, data sources, ...
Mark Casey Apcela

How to Optimize Your Office 365 Performance with Network Peering

Optimize Performance with Network Peering Microsoft Office 365 usage has grown significantly in recent years. More than 56 percent of organizations all around the world now use Office 365 cloud-based services. In terms of user ...
Christian Buckley

The Evolution of SharePoint Customization

When I started working with SharePoint back in 2005, deploying WSS 2.0 followed and then SharePoint Portal Server 2003 for a large client, the concept of "customization" as we define it today was not really ...
Gary Bernstein

5 Notable Proxy Servers Adding That Extra Layer Of Privacy

What’s A Proxy Server? A proxy server is a gateway between the user and the internet. This is an intermediary server that separates end users from the websites they browse. It’s completely legal to use ...
Scott Leatherman

Speeding up Digital Transformation During the Pandemic – 7 Steps to Unlocking the Benefits of Cloud

7 Steps to Unlocking the Benefits of Cloud The pressure for IT leaders to support more workloads and remote staff with limited resources is as contagious as the pandemic. The most powerful tool in their ...