By Win-Li Toh
Principal
28 September 2022


Co-authors

Ross Simmonds

Cyber risk Green Paper tackles major concerns for public and private sectors


By Win-Li Toh | 28 September 2022 | Co-authors Ross Simmonds



By Win-Li Toh | 28 September 2022


Co-authors Ross Simmonds


In Australia, a cyber crime was reported every eight minutes over the past financial year and cyber risk cost the economy $33 billion. In a Green Paper commissioned by the Actuaries Institute, Taylor Fry authors Win-Li Toh and Ross Simmonds explore the challenges and opportunities in creating a vibrant, sustainable cyber insurance market – and why collaboration between government, business and insurers is key to filling major gaps in protection against attack.

The paper highlights how technology is woven into every aspect of our daily lives and cyber criminals take advantage of this dependence. Lead author Win-Li Toh says, “Despite increasing government and business spend, the approach to addressing the exposures appears disjointed and the losses are mounting. No one is immune – from SMEs to the largest corporates – across industries and disrupting supply chains.”

What’s more, Win-Li adds, government entities are a long way off baseline standards of cyber security, while many businesses are also behind in their resilience against rapidly shifting risks.

Cyber insurance as influencer, but there are gaps

In addressing these core issues, Win-Li says, “Importantly, cyber insurance is not the first line of defence – that role goes to good cyber hygiene and security. But cyber insurance can influence best practice in a major way – by boosting cyber hygiene and security resilience through eligibility criteria, pricing and insights.

“A vibrant cyber insurance market will do more than provide financial recompense for risks that break through the first line of defence.”

For this role to be effective, Win-Li says several gaps need to be addressed, including:

  • A severe shortage of qualified cyber security personnel
  • Limited understanding of the role of cyber insurance among Boards
  • Limited education on cyber risks among SMEs
  • Achieving sufficient capacity and profitability in the market
  • Managing accumulation risks
  • Cyber hesitancy in seeking the right insurance solutions.

The paper highlights cyber hygiene and security – not insurance – as the first line of defence

Cyber risk an explosive global concern

Globally, cyber risk is mirroring the Australian experience and growing at unprecedented levels, with ransomware attacks more than tripling in two years. Contributing factors to this expanding risk include:  the accessibility of Ransomware as a Service, the development of crypto currencies enabling untraceable payments, and cyber insurance hesitancy due to reduced cover, increasing premiums and a reduction in policy limits.

Compounding these issues, the paper points to the lack of geographical boundaries in cyber risk, where a computer virus can spread quickly around the world, resulting in multiple companies making a claim. “This is the accumulation risk challenge for an insurer,” Win-Li says. “The potential for a single event to trigger losses across business lines and global borders.”

A further hurdle is the difficulty in defining acts of cyber war (or terrorism) that are excluded from insurance policies, with Lloyd’s recently giving directions to underwriters towards excluding liability for losses arising from any state-backed cyber attack.

Problem too big to solve alone

The Green Paper offers several solutions-focused discussion points, as the authors examine the complementary roles of government, business and insurers.

“The problem is simply too big for any sole party to tackle on its own,” Win-Li adds. “Finding the right balance between guidance, education, mitigation, cover and regulation will require government, business and insurers coming together and appreciating one another’s perspectives.” Constructive conversation will encourage give and take, she says. “Active partnership between these stakeholders is critical in plugging the gaps, in heading off market failure and in creating a robust risk management framework, where cyber insurance can thrive and offer better protection against cyber risk.”

Listen to the Actuaries Institute podcast here.


Other articles by
Win-Li Toh

Other articles by Win-Li Toh

More articles

Win-Li Toh
Principal


RADAR FY2022

Welcome to RADAR 2022, Taylor Fry’s inside look at the general insurance industry, the state of the market and what it means for insurers

Read Article

Win-Li Toh
Principal


RADAR 2021

Welcome to RADAR 2021, Taylor Fry’s inside look at the general insurance industry, the state of the market and what it means for insurers

Read Article



Recent articles

Recent articles

More articles

Ross Simmonds
Director


RADAR New Zealand Snapshot

Our NZ general insurance overview highlights key market movements, events and trends over the past year and what they mean for insurers.

Read Article

Tom Moulder
Director


Accuracy and causality the hot topics in data science at SIGKDD 2022

Tom Moulder shares his top picks from the lively discussions at the recent knowledge discovery and data mining conference in Washington DC

Read Article