Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label insurance. Show all posts

As Cyber Risk Increases, Insurers Must Provide a Better Market to Businesses in Need of Protection

 

This year has once again shown the domino effect that follows a crisis and the impact it has on businesses, from increasing rates to Russia's invasion of Ukraine. As we enter a new year, there are numerous lessons to be learned. If we consider the conflict in Ukraine, the geopolitical situation led to sanctions against Russian-based companies, sharp increases in operational and energy costs, interruptions in supply chains, significant financial losses for companies around the world, and greater vulnerability to cyberattacks. 

Businesses currently operate in a period of increased vulnerability to cyberattacks, with rising anxiety around cyberwarfare and information security systems. This is particularly true in industries that support crucial UK infrastructures such as aviation, transport, IT and telecoms and finance.

According to a City A.M survey of businesses, 79% of respondents across all industries had been the victim of a cyberattack this year, with 50% of those attacks resulting in a loss of data or money. These attacks have the potential to completely destroy businesses, resulting in data breaches, serious disruptions to regular business operations, lost revenue, and enormous financial expenses to investigate and restore systems. 

The biggest shift in 2022 has been that absolutely no one is protected because hackers are increasingly targeting industries that were once considered classic "targets," such as finance. The pandemic's impact on the retention of work-from-home habits is one factor contributing to this rise. 

In addition to making security more difficult to manage across more devices, locations, and communications platforms, remote working increased vulnerability and exposure to cyberattacks at the same time when hacker activity was sharply on the rise.

Since businesses are aware of this, cyber insurance is a crucial line of defense, despite its shortcomings. According to the poll, 77% of businesses believe their insurance protects them, at least in part, against the risk of cyberattacks. This is a significant improvement over the results of our previous survey from 2018, which indicated that only 30% of large enterprises have cyber-specific insurance.

However, there are concerns over the value and cost of this insurance. The price of cyber insurance has skyrocketed while the level of security offered has frequently been significantly diminished at a time when corporations are more vulnerable to cyberattacks and can least afford downtime.

Many policies now have more extensive exclusions, more limited definitions of coverage, and less incident response help available. Some forms of insurance, such as those covering ransomware or the expenses of their own IT interruption, may be outright inaccessible to the most susceptible firms. This poses severe concerns about the business insurance model since it makes protection considerably more difficult to obtain just when it is most required.

The environment is challenging for organizations attempting to defend themselves against cyber assaults. Researchers are observing rates rising and coverage declining, signs of a "hard market" in the insurance sector that has now lasted the longest on record and been prolonged by the current state of economic uncertainty. Following a high increase of 102% year over year in the first quarter, UK cyber insurance pricing climbed by 66% in the third quarter of 2022, according to Marsh's insurance pricing index. With an average premium cost that is already four times what it was in 2018, it is increasing much more quickly in the UK than in any other market.

Businesses are then forced to choose between investing in IT security and purchasing insurance coverage in case that security fails, which forces them to make difficult financial decisions. Insurance has a critical role to play in protecting organizations from unforeseen or unprotectable disasters and in promoting best practices in proactive security and incident response. This shouldn't be an either/or choice.

The insurance industry's response has been characterized by price increases ahead of projected losses, rather than taking action to assist businesses around the UK confronting an ever-increasing cyber threat. Instead, insurance companies should have a deeper comprehension of their clients' risk and offer assistance as a last choice.

With 2023 just around the corner and the possibility of cyberattacks becoming more and more common, businesses may find themselves in a difficult situation as they rush to find the best defense. Since cyber risk is not going away anytime soon, insurers need to prevent a situation where prohibitively expensive and inadequate coverage helps push enterprises even closer to the precipice.

SEC: Watch Out for Hurricane Ida Related Investment Scams

 

The Securities and Exchange Commission (SEC) has issued a warning about fraud associated with Hurricane Ida, which wreaked havoc in numerous states last week with torrential rain and tornadoes, leaving millions without power. 

The SEC's Office of Investor Education and Advocacy releases investor alerts regularly to caution investors about the latest investment frauds and scams. Fraudsters would most likely target people who may receive compensation from insurance companies in the form of huge payouts as a direct result of Hurricane Ida's destruction. 

The SEC explained, “These scams can take many forms, including promoters touting companies purportedly involved in cleanup and repair efforts, trading programs that falsely guarantee high returns, and classic Ponzi schemes where new investors' money is used to pay money promised to earlier investors." 

"Some scams may be promoted through email and social media posts promising high returns for small, thinly-traded companies that supposedly will reap huge profits from recovery and cleanup efforts." 

AccuWeather CEO, Dr Joel Myers calculated that Hurricane Ida caused almost $95 billion in total damage and economic loss. Millions of individuals will now have to deal with insurance companies to cover the cost of water damage and other difficulties caused by the hurricane's aftermath. 

The SEC added that following the devastation by Hurricane Katrina in 2005, they were compelled to take action against hundreds of false and misleading statements concerning alleged business prospects.

Precautionary Measures

In the context of mitigating the risk and preventive measures, SEC urged, "Be sceptical if you are approached by somebody touting an investment opportunity. Ask that person whether he or she is licensed and whether the investment they are promoting is registered with the SEC or with a state." 

"Take a close look at your entire financial situation before making any investment decision, especially if you are a recipient of a lump sum payment. Remember, your payment may have to last you and your family for a long time." 

This advisory follows the one issued by the FBI's New Orleans office, which warned the public about an elevated risk of scammers attempting to profit from the natural calamity. 

"Unfortunately, hurricane or natural disaster damage often provides opportunities for criminals to scam storm victims and those who are assisting victims with recovery," the FBI warned. 

The FBI also offered a list of safeguards that victims of natural disasters should follow to avoid getting scammed, including: 
  • Unsolicited (spam) emails should be ignored. 
  • Be cautious of anyone posing as government officials and requesting money via email. 
  • Clicking on links in unsolicited emails is not a fine decision. 
  • Only open attachments from known senders; be wary of emails purporting to have photos in attached files, as the files may contain viruses. 
  • Do not give out personal or financial information to anybody asking for donations; doing so might jeopardize your identity and leave you vulnerable to identity theft. 
  • Be vigilant of emails purporting to provide employment. 
  • Before transferring money to a potential landlord, do your research on the advertisement.

AIG Launches New Cyber Threat Analysis Service to Understand Cyber Risks

American International Group Inc., an American multinational insurance company, has launched a new system for cyber threat analysis.

The system scores companies on the degree to which a cyber attack may affect their business and the potential costs involved. It compares the company’s risk of having a breach to the safeguards it has in place.

Tracy Grella, AIG’s Global Head of Cyber Risk Insurance, in an interview said, “AIG’s underwriters have been using the computerized analysis since November, which combines information from a new insurance application designed for the process and data about current cyber threats to generate scores on various related factors.”

With mounting cyber threat to businesses, this system hopes to provide a way to measure the risk involved in a business so that cyber coverage in insurance may be taken into consideration.

This comes after AIG in October said that they will review all coverage types to check for cyber risk and give insurers a clear picture about cyber coverage and estimated financial exposure. They will also create a cyber-risk report for the customers with the analysis scores for understanding and comparing.

Along with this, AIG also announced their partnership with cybersecurity companies CrowdStrike Inc and Darktrace, on Tuesday, to launch CyberMatics, a service that verifies information AIG receives from customers’ cybersecurity tools.

Darktrace Chief Executive, Nicole Eagan, said, “The service uses artificial intelligence, or the ability of machines to carry out tasks normally associated with human intelligence, to look inside an insured company’s network for strengths and vulnerabilities.”

Tracy Grella said that while companies are not required to use the service, those who do may be able to negotiate more favourable policy terms.