GFIA has published a set of key observations on cybersecurity and cyber insurance.
GFIA noted that cyber risk is a global issue that continues to evolve as the world becomes increasingly connected and supply chain interdependencies become more prevalent.
With this in mind, GFIA said that consistent international rules on cybersecurity and privacy are needed to avoid multiple inconsistent regulations for international businesses, like insurers. GFIA called for greater information sharing on threat and incident data, which would allow companies to approach cybersecurity in a risk-based manner and help insurers to better understand and underwrite cyber risks.
GFIA noted that cyber insurance is often mentioned as a tool to increase cyber resilience, and stressed its value as a risk transfer mechanism and useful evaluation tool to accompany and assist in business’s risk calculations.
GFIA said that the cyber insurance offering is growing, but that several challenges still need to be tackled for the market to reach its full potential. GFIA pointed to potential aggregation concerns, lack of data on cyber incidents, as well as low levels of cyber risk awareness and expertise as barriers that still need to be tackled.