International think tank Geneva Association, in its first Cyber and Innovation research program report, said that the risks associated with the use of information and communication technology costs companies more than $100 billion every year. Costs per data breach for each company is pegged in the range of more than $2 million to nearly $4 million.
However, cyber threats continue to be a challenge to insurers because of the “lack of standards, a common vocabulary and best practices,” the report went on to say.
“The insurance industry should globally work together with other stakeholders to collect and spread such information. One first idea would be to publish methods (standards and good practices) for cyber risk assessment,” the Geneva Association said.
Another inadequacy in the industry is the lack of understanding of such risk both on the demand and supply side.
Thus, Geneva Association noted that it is incumbent upon the industry to start a dialogue among stakeholders and help define risk management strategies both at state and corporate levels. Further, apart from identifying its impact on daily life, the industry should be prepared to deal with cyber-risk on a larger scale.
This could all be achieved by building up IT expertise within the ranks of the insurance industry, among brokers and insurers, as well as among its clients.
On the side of governance, the report said that global risk is determined by the country with the weakest laws and policies, mainly due to the borderless nature of cyber-threats.
“To some extent, it is the country with the weakest legal system and the highest cyber criminality that determines the global cyber threat level. Therefore, international collaboration, such as some minimal criminal law standards, the exchange of information and interstate rendition, is urgently needed,” the report went on to say.
The Geneva Association report, Ten Key Questions on Cyber Risk and Cyber Risk Insurance
, is a primer on the risks and state of the market.