AIG's Mark Camillo on how GDPR is driving the European cyber market
Need to know
- Ransomware is the primary cause of loss in more than one in four cyber claims
- The majority of business interruption losses resulting from hacks are underinsured
- Extortionists can threaten to compromise a company’s data, knowing how much GDPR fines may cost
- When notified, cyber breaches are often met with class action lawsuits
- Cyber attacks affect an increasingly broad range of industry sectors
The General Data Protection Regulation is driving a surge in the European cyber insurance market, explains Mark Camillo, head of cyber for Europe, Middle East and Africa at AIG.
Not so long ago, cyber insurance was essentially a niche product, but in the past five years there has been a considerable increase in demand, especially in Europe.
To give some idea of the size of that increase, at the end of 2014, Europe represented just 5% of AIG’s global cyber portfolio. In the following three years, that figure rose to around 25%. In the first half of 2018, there has been a 50% increase in demand for cyber insurance in Europe compared to last year.
Claims are rising too: 2017 was a record-breaking year, with as many cyber claim notifications as in the previous four years combined, the equivalent of one per working day.
More than a quarter of cyber claims (26%) received in 2017 had ransomware as the primary cause of loss – up from 16% – according to AIG’s latest cyber claims report. This is unsurprising when you think that last year there were a series of sophisticated, systemic malware and ransomware attacks, including Wannacry and Notpetya.
The resulting business interruption was a significant issue for many European organisations – much of the financial impact was a balance sheet loss. While ransom payments only generated around $150,000, total economic losses associated with Wannacry are estimated at $8bn (£6bn), with half a billion dollars attributed to direct costs and indirect business disruption. The majority of these losses were underinsured.
A further increase in data breach and other security failure insurance claims is expected as a result of the General Data Protection Regulation, which will become another tool in the hands of extortionists. They will threaten to compromise an organisation’s data unless a payment is received, knowing that the consequences will be more significant under the new regime.
Companies will be more inclined to report breaches, with an increased impact on the volume of cyber claims as seen in the US after state breach notification laws came into effect. GDPR will also lead to more shareholder lawsuits against companies and their directors in the future. The US has had strict notification requirements for a number of years, and nearly every high-profile cyber breach is met with at least one class action lawsuit.
All businesses need to be prepared; no sector is immune to cyber attack. In 2017, cyber claims notifications were made by insureds in eight sectors that had previously not featured at all in AIG’s cyber claims statistics. This is a continuing trend, whereby a larger number of notifications each year come from an increasingly broad range of industry sectors, and not just those traditionally associated with cyber risk. This reflects the fact that many of the recent ransomware attacks have been indiscriminate in terms of which industry they hit.
For many businesses, it is now a question of ‘when’ rather than ‘if’ they will be victim of a cyber attack. To become cyber-resilient, organisations need to prepare – practise their response, implement a robust cyber risk strategy and ensure they are indemnified for the full range of cyber exposures, including network interruption.
Further reading
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@postonline.co.uk or view our subscription options here: http://subscriptions.postonline.co.uk/subscribe
You are currently unable to print this content. Please contact info@postonline.co.uk to find out more.
You are currently unable to copy this content. Please contact info@postonline.co.uk to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@postonline.co.uk
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@postonline.co.uk
More on Claims
How an AI-assisted motor claims handler cared for me
Editor’s View: Emma Ann Hughes shares how a recent call to her motor insurer highlighted why humans will always be needed to care for policyholders in their hour of need.
How to support insurance customers in vulnerable circumstances
As the Financial Conduct Authority intends to check claims-handling response times, and whether insurers are doing enough to help customers in vulnerable circumstances, Winn Group chief information officer Clint Milnes explains what providers need to do to meet the watchdog’s expectations.
How insurers should navigate supply chain disruption
With supply chain disruption continuing, Bill Bradshaw, operations senior vice president for London operations at FM Global, says companies need to prioritise resilience and proactive prevention measures beyond insurance reliance.
MoJ ‘needs to look’ at single personal injury claims portal
A single portal for motor personal injury claims is necessary for streamlining the claims process, Verisk’s head of personal injury claims, Simon Bradshaw, has told Insurance Post.
Foil’s Allchorne on keeping the OIC tariffs in proportion
Trade Voice: Pete Allchorne, president of Forum of Insurance Lawyers and partner at DAC Beachcroft, says now is not the time to increase the OIC tariff amounts.
Three-quarters of vehicles removed from Luton Airport car park
Luton Airport has issued an update on the salvage operation following last year's car park fire, confirming that 75% of the vehicles have now been cleared.
Civil injury fraudster caught out by ‘Jeremy Kyle’ appearance
A fraudster has been convicted of exaggerating her civil injury claim after being caught out by footage of her on ‘The Jeremy Kyle Show’.
Could rugby court clash shift the sport to self-insuring?
The outcome of a lawsuit launched by hundreds of rugby union players could have a far-reaching impact on the future of the sport. Tim Evershed looks at whether parallels can be drawn with similar actions in the US against governing bodies, such as the NFL and NHL, and what can be done to make sure players remain insurable.
Most read
- Covéa shrinks staff numbers by almost a third amid further losses
- DLG or Esure – which Peter Wood baby is most likely to bounce back?
- Aviva CEO warns home insurance premiums need to go up