ICA calls for cyber insurance overhaul

Changes recommended to 'protect our way of life'

ICA calls for cyber insurance overhaul

Cyber

By Roxanne Libatique

The Insurance Council of Australia (ICA) is calling for Australian insurers, businesses, and governments to work together and overhaul policy settings to establish a “vibrant and sustainable cyber insurance market,” which will boost economic growth in the country.

In its “Cyber Insurance: Protecting our way of life in a digital world” paper, the ICA highlighted the barriers preventing the cyber insurance market from supporting Australian individuals, businesses, and organisations operating in the digital economy following the COVID-19 pandemic.

The paper noted that standalone cyber insurance in the country is not yet a well-known or understood insurance product, and a small number of cyber insurance providers in the market has implications for the pool size by which risk is transferred. It also claimed that increasing loss ratios and reducing risk appetite prevent businesses from taking out cyber insurance, prompting the insurance industry’s calls for overhauling the Australian government’s policy settings.

“Right now, cyber insurance awareness is low within the Australian business community – only about 20% of small businesses have cyber cover,” said ICA CEO Andrew Hall. “However, the digital evolution of both the economy and society since the COVID-19 pandemic has resulted in increasing awareness of cyber risks. As a result of this, in recent years, the number of organisations taking up cyber insurance in Australia has increased rapidly.”

The ICA’s policy paper recommended:

  • Better data sharing from the insurance industry to the government and vice versa to prevent, detect, and report cyberattacks;
  • Mandatory minimum-security requirements and third-party certifications for software and hardware to reduce cyberattack vulnerability; and
  • Investment incentives for cyber risk education and businesses willing to disclose and work with enforcement agencies.

It also called for the government to develop and issue an Australian cybersecurity standard to ensure that government agencies and their contractors evaluate their cyber maturity according to uniform and constantly evolving standards.

“This policy paper is the first step in getting the settings right for managing cyber risk in Australia and will give the industry greater confidence in participating in the market and providing cover,” Hall said.

The ICA released its policy paper following Gallagher’s warning that the escalating conflict between Ukraine and Russia might trigger cyberattacks that could impact organisations across the globe.

Kelly Butler, head of cyber at Marsh, also warned that cyberattacks resulting from the conflict might see insurers wind back coverage in the event of an attack, constituting an “act of war” and triggering an exclusion that will prevent cyber insurance customers from making a claim, as reported by The Australian.

She added that Marsh expects to see many policy updates excluding cyberattacks from state actors in the coming weeks. However, she emphasised: “If there is collateral damage, we think we should be covered.”

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!