Cyber Insurance – The New Born Need

Growing cyber risks and standard insurance cover recommendation from IRDAI

Last month, cybercriminals allegedly hacked the servers of a major Cooperative Bank and transferred over Rs 12 crore to different accounts. According to a bank official, the bank’s funds are insured against cyber-attack.

Cyberattacks in India are rising amidst the coronavirus pandemic. It rose by a whopping 300% in 2020, according to data from India’s Computer Emergency Response Team (CERT-In). Cyber activities such as phishing, malware, and ransomware grew from fewer than 5,000 per week in February 2020 to more than 2 lakh per week in late April 2021, according to the Financial Services Information Sharing and Analysis Center (FS-ISAC).

The Insurance Regulatory and Development Authority of India (IRDAI) took note of the rising cyber incidents and in October 2020, constituted a working group to examine the need for a standard cyber liability insurance product. Almost a year later, in its 8th September 2021 circular, the IRDAI said, the working group, after conducting wide consultations with various stakeholders, and internal deliberations concluded that standardisation of policy wording is not desirable because of the evolving nature of legislative frameworks in dealing with cyber risk, fast-growing digital ecosystem, increasing interconnectedness globally and complexity of IT systems, and the emergence of new risks.

The circular, however, advised general insurers to be guided by the model policy wordings for Personal Cyber Insurance cover and common reference framework provided on cyber insurance policies and coverages given in the guidance documents.

The circular and the guidance documents provide a common reference framework and policy wording guidance to facilitate insurers in developing cyber insurance products that protect against evolving cyber risks.

Cyber insurance coverage can help prevent small and large business houses from suffering financial losses incurred because of cyberattacks or data breaches. It can also cover credit monitoring fees, legal fees, fines, and other unexpected expenditures

The average cost of a data breach, according to IBM and the Ponemon Institute, is $3.86 million. The time it takes to discover and address a breach is quite long and can take upto one full year in many instances. A cyber insurance policy can also cover for incident response, involving a panel of security forensic experts, lawyers, PR agencies. It can also help in covering business interruption losses. The insurance further provides assistance to notify parties that have been affected and in some cases also extends cover for fines and penalties.

Whether you are looking to keep pace with the industry, hone your skillset, or develop a new skillset in banking and insurance, IRA can help. Check out our upcoming training sessions. Learn from banking and insurance industry experts in real-time!

References:

1.     Order (irdai.gov.in)
2.     Circular (irdai.gov.in)