Cyber risks soar as Canadian society connects with tech

Cyber risks soar as Canadian society connects with tech | Insurance Business

Cyber risks soar as Canadian society connects with tech

Gone are the days when cybercriminals only targeted companies that were treasure troves of credit card or health information. In today’s interconnected society, everybody is vulnerable. Cyberattacks and data breaches can happen to the most unsuspecting victims. As Canadians reap the benefits of the Internet of Things (IoT) and connected technology in both the personal and commercial spheres, they’re unknowingly creating long, connected access routes for cybercriminals to exploit. 

Earlier in January, the city of Saint John in New Brunswick revealed it had suffered a data breach in its parking payment system. The city released a statement saying the breach involved: “multiple instances when an unknown source gained access to confidential customer information on the city’s server through the Click2Gov payment system.” That’s just one example of how everyday tasks in today’s connected society are being targeted and exploited by cyber criminals.

Cyber and technological threats are the most significant blind spots societies face today, according to Børge Brende, president of the World Economic Forum (WEF). Speaking ahead of the WEF annual meeting in Davos, he said: “The blind spot risk that needs more attention is technology. That might seem like a strange thing to say given how much attention technology receives today, but it’s hard to overstate how reliant we are on technology, or how rapidly technology is evolving. Our networked societies are vulnerable to cyberattacks.”

Cyber risk is particularly scary and challenging because of how interconnected it is. It only takes one cybersecurity chink in a supply chain for all entities within the chain to fall prey to an attack, including the end-consumers. Commercial organizations are “entering unchartered [risk] territory” as they continue to adopt connected technology, Brende added.

“We’re living in an era of rising cyber dependence. If the world remained static, we would be in a much more secure place, but technology and cyber exposures are evolving at a rapid rate,” commented Barry Franklin, head of risk for Zurich North America. “At a time when society’s dependence upon technology is increasing, so are the capabilities of the bad actors who are trying to penetrate and take advantage of cyber vulnerabilities.”

The good news, according to Franklin, is that organizations are starting to realize the severity of cyber risk and the importance of implementing adequate risk mitigation and cyber security protocols. The cyber insurance market is booming in tandem with growing understanding of the risk. For the past few years, the standalone cyber insurance market in Canada has enjoyed a period of sustained growth – and the coverage line will only grow faster as communities adopt more technology and other associated technology components within the economy.

Cyber is considered an opportunity for many insurance carriers and brokers because of its potential to provide organic growth, according to Charles Sebaski, head of North American business intelligence at Guy Carpenter.

He told Insurance Business: “P&C insurance is a mature industry and its natural growth rate is tied somewhat to GDP expansion. Something like cyber, which is conceptually a net new peril, provides an opportunity for carriers to expand and deploy capital and grow their business in a space where they’re not necessarily just vying for market share of an already known. That ability of being able to write something new and, theoretically, the possibility of becoming a leader in a new peril, is an attractive value proposition.”

Blake Berman, senior vice president, strategic advisory at Guy Carpenter, added: “Carriers have the ability to enter a new market that has fast growth potential. [Cyber is growing] significantly faster than other traditional P&C lines, which makes it an attractive market. However, it’s still a very new risk [and] there’s still a lot to learn about what the exposure is and what gets classified as an insurable cyber event.”