Cyber Security Insurance Workshop Report - NPPD/DHS
In November 2012 the National Protection and Programs Directorate of the US Department of Homeland Security released the findings from its Cybersecurity Insurance workshop.
The workshop was delivered in November and engaged with a diverse group of stakeholders to discuss how organisations may better develop an effective connection between the cyber security activities they undertake and the broader topic of insurance. Over 60 participants attended to discuss the issues and opportunities.
Whilst principally US in orientation, this report shows clear synergies with the principle objectives of the Cyber Risk and Insurance Forum. It is clear from a review of the report's contents that there are strong similarities between the US and the UK both in terms of the barriers and the considerable opportunities for development.
It is significant to note the importance that the US Department of Homeland Security places on integration between Cyber Security, Risk Management and Insurance.
From the range and scope of feedback gained we feel it is clear that whilst there is a degree of uncertainty at present, there is a strong realisation that organisations must be considering the bigger picture. The rapidly evolving Digital Economy provides many opportunities and creates value, but without a structured and formal approach to understanding and managing risk there will be many organisations that are adversely affected. In many cases, we feel that the scale and scope of losses could be considerably mitigated if action had been taken to integrate more proactive and effective Cyber Risk Management.
Whilst this is an easy statement to make but, it needs to be qualified somewhat. In order to achieve the kind of capability we are envisaging there needs to be significant development both in terms of market understanding and capability across the fields of Cyber Security, Risk Management and Insurance. Careful consideration needs to be given to what can be developed by each of the stakeholder communities and a connected framework developed to address the points illustrated in the NPPD Report.
We would particularly welcome feedback on this report and please do get in touch with us here
You might also like ...
This Ponemon Institute study examines the costs incurred by 36 UK companies in 11 different industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by law. Results were not hypothetical responses; they represent real cost estimates for activities resulting from actual data loss incidents.
The number of breached records per incident this year ranged from approximately 3,500 records to more than 78,000 records.
In this the the fifth annual benchmark study concerning the cost of data breach incidents for UK-based companies and which was supported by Symantec, the average per capita cost of a data breach has increased from £71 to £79.