New Cyber Risk and Insurance Forum Develops Best Practices

June 25, 2015

As information about cyber breach hazard is disseminated-often as a reaction to hacks such as the Target attack of 2013 or the Sony breach of 2014-interest in cyber insurance increases. Standards for cyber insurance are in the evolutionary stages, and take-up rates are still low. But evidence of rising awareness of cyber risk and related insurance coverage can be found in the five-year history of Google searches on these topics.

Cyber Risk Google Searches
The growing number of Google searches on "cyber risk" and "cyber insurance," 2011-2015 (Source: Google)

AIR has become a Founding Member of the Cyber Risk and Insurance Forum (CRIF), a London-based cross sector group dedicated to the advancement of the cyber risk insurance space.

CRIF is a consortium of insurance, broking, IT, legal, and consulting industry professionals charged with the mission to help organizations better understand cyber risks and the damage that may occur as result of a cyber attack.

CRIF aims to do this through the establishment of a cyber risk and privacy framework, promoting best practices, and by supporting the creation of effective insurance solutions. With founding members from many industries, CRIF is uniquely positioned to influence this process.

The CRIF Vision includes:

  • Developing a risk-based framework of recommended security practices and policies
  • Encouraging a risk-based culture, adequate business continuity plans, and corporate information security policies within the industry
  • Raising awareness through events and briefings to the industry highlighting the risks of cyber loss
  • Providing risk management and insurance professionals with tools to approach cyber risks in partnership with their information security colleagues

AIR is in the process of building a cyber exposure data framework and a fully probabilistic cyber risk model and is committed to broadening the understanding of loss potential from cyber breaches, including aggregation events, as discussed in a recent AIR Currents article.

In partnership with CRIF, AIR will pursue the creation of cyber best practices and help companies and insurers better prepare for worst case cyber scenarios.

To participate in CRIF's survey on cyber coverage at small and medium enterprises (SME), please click here.

For an overview of issues raised by the 2014 Sony breach, see the blog post by my colleague Tomas Girnius.

Don't miss a post!

Don't miss a post!
Subscribe via email:


Close

Loading Video...

Loading...

Close

You’re almost done.
We need to confirm your email address.
To complete the registration process, please click the link in the email we just sent you.

Unable to subscribe at this moment. Please try again after some time. Contact us if the issue persists.

The email address  is already subscribed.