Lloyd’s Insurer Says Cyber Risks Are Too Big to Cover

The head of the largest Lloyd’s of London insurers has called for governments to cover the risks of cyber attacks, saying the potential liabilities are too large for insurers to cover.

Stephen Catlin, founder of Catlin Group, said cyber security presented the “biggest, most systemic risk” he had encountered in his 42-year career in insurance, in part because a vulnerability in widely-used software or internet architecture can affect systems globally, putting the industry on the hook for simultaneous, multibillion-dollar payouts.

“Our balance sheets are not large enough to pay for that,” Catlin told the Insurance Insider London conference recently, according to The Financial Times.

In the latest cyber attack against a major US firm, health insurer Anthem reported earlier this week that hackers stole the account information of as many as 80 million customers. Other recent corporate victims include Sony Pictures, JPMorgan Chase, and Target.

Such electronic incursions present an opportunity for the insurance industry to sell more coverage. Policies are designed to help companies meet costs including mounting forensic investigations and defending lawsuits.

But Catlin stressed that cyber attacks are unusually systemic, rather than, for example, a natural disaster that affects only one specific region. “It’s possible that you can have the same loss happening around the globe,” he explained.

Governments have already established state-backed schemes to provide coverage for acts of terrorism, such as Pool Re in the United Kingdom and the Terrorism Risk Insurance program in the US, because the insurance market was unwilling to do so. But Catlin said cyber security posed an even bigger threat than terrorism.

“He’s got a valid point,” Andrew Horton, chief executive of Beazley, a rival Lloyd’s insurer, told the FT. “We’re very mindful of the potential aggregation impact. It’s something governments should be putting a lot of thought into.”

Rob Lay, a security expert at Fujitsu, said businesses should not rely on insurance to protect themselves from a cyber attack. “While insurance may help mitigate some of the financial impact of a security incident or breach, the reputational impact and the impact to the business operation cannot be mitigated with insurance in the same way,” he said in a news release.

Risk Management: http://bit.ly/1O8ZWXH

« Business Is Struggling To Combat Hacking
Israel’s Electrical Grid Cyber Attacked »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Nixon Peabody LLP

Nixon Peabody LLP

Nixon Peabody LLP is an international law firm with offices across the USA, Europe and Asia. Practice areas include Data Privacy and Cyber Security.

CCL Solutions Group

CCL Solutions Group

CCL is one of Europe’s leading digital investigation specialists, supporting law enforcement, government and organisations across both public and private sectors.

Redshift Consulting

Redshift Consulting

Redshift is an information management and information security consulting company offering a full range of services from infrastructure design to security assessments and network monitoring.

Infosistem

Infosistem

Infosistem is a Croatian ICT company with extensive expertise and experience in enterprise and SMB ICT projects and solutions.

Fedco International

Fedco International

Fedco International is an IT and SCADA ICS Security consultancy firm.

Assystem

Assystem

Assystem delivers a comprehensive security approach for the industrial and service sectors that integrates physical security systems, industrial cyber-security, functional safety and dependability.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Elitecyber Group

Elitecyber Group

Elitecyber group is a team of Cyber Security recruitment experts who work for Cyber Security and Cyber Defence clients and candidates throughout Europe.

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator

CorkBIC International Security Accelerator invests in early stage disruptive companies in the security industry including, Cybersecurity, Internet of Things (IOT), Blockchain and AI.

Hawk Network Defense

Hawk Network Defense

HAWK.io is the First Fully Automated, Multi-Tenant, Cloud-Based, MDR Service Company.

Udacity

Udacity

Udacity's mission is to train the world’s workforce in the careers of the future. Our programs range from beginner to expert levels and deliver the hands-on skills for real-world expertise.

LAVAAT

LAVAAT

At LAAVAT, our goal is to make it easy for our customers to build secure IoT devices without a need to invest considerably in embedded security and cryptography expertise.

Bastazo

Bastazo

Bastazo provides tools for vulnerability and patch management. Focus your cybersecurity operations on vulnerabilities with the highest risk of exploitation.

AKIPS

AKIPS

AKIPS develops the world's most scalable network and infrastructure monitoring software, delivered as a turn-key software appliance.

Defence Logic

Defence Logic

Defence Logic is a cyber security company serving clients in many business sectors. Our consultancy services include Penetration Testing, Security Reviews and Monitoring.

Ransomware Help

Ransomware Help

Ransomware Help is a trusted ransomware recovery company offering fast and effective ransomware recovery services to get your business back on track.