As cyberattacks increase in frequency and severity, the Insurance Council of Australia (ICA) has welcomed analysis from the Actuaries Institute on cyber risk and the role of re/insurance in protecting against the impacts of cybercrime.
In a recent report, the ICA announced its support for the finding in the Actuaries Institute report that one of the current limitations for insurers writing cyber insurance is a lack of available data.
The ICA added that by making data on cyber incidents available, the Government could improve the understanding of cyber risk and the cyber insurance market and assist risk assessment by insurers.
Andrew Hall, CEO Insurance Council of Australia, commented, “Working in partnership with the government, insurers have a key role to play to help businesses protect themselves and recover from cyberattacks.”
“The Actuaries Institute provides yet another opportunity to discuss how industry and government can work in partnership to tackle this significant challenge.”
The report notes that Government plays a central role in promoting cyber security across the economy, including legislation to protect critical infrastructure and personal data, supporting businesses to lift their cyber security and respond to major threats.
In the same breath, it suggests that insurers also play a crucial role in improving cyber security by working with clients to reduce the risk of a damaging cyberattack and providing technical, legal, and financial support to investigate the source and deal with the consequences for the business and its customers.
Despite Senior executives at Swiss Re recently observing that they are “certain” that cyber will become a prominent line of business in the long term, the uptake of cyber insurance globally is still low relative to other classes of insurance, particularly among smaller businesses.
Hall added, “This week’s extraordinary cyberattack on Optus and its customers demonstrates how important it is for large and small organisations to have robust cyber protections in place.”
“This chilling example reminds us that more needs to be done to protect businesses and organisations from cyber-attacks.”
The report concludes that Government should increase information to businesses and the community about cyber risk and promote simple ways of improving cyber security, including reviewing existing standards.