Pascal Millaire, Chief Executive Officer (CEO) of cyber risk analytics firm CyberCube, has argued that re/insurers must work closely with governments to help enforce minimum security standards as the world continues to grow its cyber vulnerabilities.
Speaking alongside the World Economic Forum annual meeting in Davos, Millaire said that the re/insurance industry is well positioned to play a greater role in rewarding organisations that take cybersecurity seriously.
Such an approach could become increasingly important as the world becomes more exposed to technology-based threats, with CyberCube noting that $1.25 trillion was spent on digital transformation globally last year – a figure projected to rise to $1.97 trillion by 2022.
Millaire also suggested that re/insurers could help their clients further reduce cyber losses by sharing the information they gain from managing large volumes of cyber claims, and by offering approved vendor cybersecurity schemes.
“For centuries, the insurance industry has been the key to unlocking the economic potential of new technology,” he said. “Part of this has always been insurers’ ability to drive improvements in safety and regulation. That ability will be critical as global cyber risk increases.
“We’re at a point at which the global economy is racing to digitise services and product offerings. This has far-reaching implications for society,” Millaire continued.
“With the exponential rise in the connected economy, there is a huge opportunity for both innovation and exploitation. As tangible and intangible items become hyperconnected, the implications of failing to get security and privacy right have much bigger consequences than they did in the past.”
With new risks emerging all the time, Millaire also urged businesses to stop thinking about cyber risk as an issue for IT departments, and instead to address it across their entire organisational structure.
Key digital threats highlighted by CyberCube include disruptive cyber attacks, ransomware, as well as the targeting of infrastructure and transportation systems.
Electoral systems are also vulnerable to cyber risks, while the arrival of 5G networks could soon provide criminals with faster and wider access to critical infrastructure and associated online services.
“Given the risks attributable to cyber can never be reduced to zero, insurance provides a way to transfer some of an organisation’s cyber risk,” Millaire explained.
“For a company spending $20 million on cyber security, it is appropriate to ask whether that company is best served by spending an incremental $1 million on more cyber security or by buying cyber insurance, when a holistic risk management lens is considered.”
