ACORD, the global insurance standards-setting body, has unveiled the insurance industry’s first ever standard for cyber data breach. The ACORD Cyber Data Breach Standard was developed in collaboration with global professional services firm, Aon, and specialist insurer Beazley.
Cyber risk is continually evolving, and the insurance industry is fighting to keep up. As organizations continue to be impacted by cyber-related losses, demand for coverage is steadily growing. This is driving the need for streamlined, standardized cyber risk data exchange – something nearly 60% of insurers said they lacked, according to the ACORS/NAIC Cyber Insurance Survey, 2017.
“ACORD has been at the forefront of cyber standards since we created the standard to capture cyber exposure in 2015,” said Bill Pieroni, president & CEO of ACORD. “This expanded standard supports the evolution of cyber coverage and data breach events. We would like to thank Aon and Beazley, whose contributions greatly accelerated the development and increased the quality of this global standard.”
The new ACORD Cyber Data Breach Standard increases operational efficiency and effectiveness for cyber risk stakeholders, establishes a baseline for compliance and audit-related activities, and enables solution providers to leverage standards for increased support.
“This question set will help organizations approach cyber risk in a united manner,” commented Christian Hoffman, president, US Cyber Solutions at Aon. “Connectivity and collaboration across organizations including, but not limited to, information security, legal and risk management is critical. A set of uniform standards is an ideal place to start this transition.”
ACORD identified a need to expand and enhance the existing cyber liability standard to better support the rapidly evolving marketplace. Working with Aon and Beazley, both key stakeholders in the cyber market, the firms focused on data breach, examining common challenges with manual, disparate practices for sharing information during risk assessment and policy workflow. ACORD synthesized these components to create and refine the draft standard.
“Beazley has been underwriting cyber for more than a decade. We work with companies ranging in size from small businesses to the Fortune 500. We’re delighted to have been a part of this process and offer our expert advice,” said Paul Bantick, UK technology, media & business services focus group leader for Beazley.
The ACORD Cyber Data Breach Standard is available to all ACORD members for review and feedback. It will then be incorporated into the next scheduled release of the ACORD Property & Casualty Standards, and will continue to evolve as the market expands and adapts in alignment with ACORD’s member requirements.
“Data breach is just one example of the many cyber exposures which require fast and accurate information exchange between parties,” Pieroni added. “ACORD will continue to welcome contributions like this from industry leaders, which will expand the portfolio of our cyber standards for the benefit of the entire insurance industry.”