In the wake of the rising risk of cyber-attacks, the Insurance Regulatory and Development Authority of India (IRDAI) has asked insurance (non-life) companies to launch individual cover. It has recommended companies to widen the scope of their existing cyber risk policies.
COVID-19 and the necessity to digitize business operations and processes brought on a dramatic acceleration of criticality and attack surfaces. It mercilessly showed the bandwidth of threats and how these may be exploited. The FBI reported a 300% increase in reported cybercrimes in April 2020. In March alone, ransomware attacks increased by 148%. Furthermore, between February and April 2020, phishing was up 600% and in April, Google blocked more than 18 million COVID-19 related phishing mails each day.
The regulator’s working group believes there is no need for a standardized product due to the evolving nature of the legislation. It has come up with a model policy wording for personal cyber insurance cover. IRDAI has urged companies to develop cyber risk cover for individuals at the earliest. It noted that the focus of such covers introduced by insurance companies has been on businesses, although customers are increasingly exposed.
TA Ramalingam, Chief Technical Officer, Bajaj Allianz General Insurance, said an individual’s exposure to cyber risks is increasing with increase in exposure to the digital world. “Considering the need for cyber insurance for individuals, IRDAI has charted out some salient features, coverage and suggestions in its guidance document on product structure for cyber insurance, which insurers can look to adopt.” He highlighted that his company was the first to introduce cyber insurance for individuals.
Also Read: Parliamentary Panel urges government to sign FTAs with US and EU nations
However, Munich RE points out that cyber insurance offerings still are not recognized to the same extent as traditional insurance products. At the same time, it underpins the potential of cyber insurance. It remains a task for the insurance industry to provide transparency on coverage and accompanying service offerings. Top ranking pre-breach services that end-customers are seeking are network security, backup of critical systems and data, anti-malware tools, identity and access management and IT security consulting. In addition, more proactive cybersecurity measures, incident response is also regarded as a major pillar in cybersecurity risk management.
Pingback: A judge ruled Apple can't force developers to use in-app purchasing.