Cyber Security Insurance Workshop Report - NPPD/DHS
In November 2012 the National Protection and Programs Directorate of the US Department of Homeland Security released the findings from its Cybersecurity Insurance workshop.
The workshop was delivered in November and engaged with a diverse group of stakeholders to discuss how organisations may better develop an effective connection between the cyber security activities they undertake and the broader topic of insurance. Over 60 participants attended to discuss the issues and opportunities.
Whilst principally US in orientation, this report shows clear synergies with the principle objectives of the Cyber Risk and Insurance Forum. It is clear from a review of the report's contents that there are strong similarities between the US and the UK both in terms of the barriers and the considerable opportunities for development.
It is significant to note the importance that the US Department of Homeland Security places on integration between Cyber Security, Risk Management and Insurance.
From the range and scope of feedback gained we feel it is clear that whilst there is a degree of uncertainty at present, there is a strong realisation that organisations must be considering the bigger picture. The rapidly evolving Digital Economy provides many opportunities and creates value, but without a structured and formal approach to understanding and managing risk there will be many organisations that are adversely affected. In many cases, we feel that the scale and scope of losses could be considerably mitigated if action had been taken to integrate more proactive and effective Cyber Risk Management.
Whilst this is an easy statement to make but, it needs to be qualified somewhat. In order to achieve the kind of capability we are envisaging there needs to be significant development both in terms of market understanding and capability across the fields of Cyber Security, Risk Management and Insurance. Careful consideration needs to be given to what can be developed by each of the stakeholder communities and a connected framework developed to address the points illustrated in the NPPD Report.
We would particularly welcome feedback on this report and please do get in touch with us here
You might also like ...
This is the third Cost of Cyber Crime study from the Ponemon Institute, sponsored by HP Enterprise Security. This years study has a distinctly international flavour with nearly 200 organizations across various industry sectors being represented. Cyber attacks generally refer to criminal activity conducted via the Internet.
The attacks featured include stealing an organization’s intellectual property, confiscating online bank accounts, creating and distributing viruses on other computers, posting confidential business information on the Internet and disrupting a country’s critical national infrastructure. Consistent with the previous two studies, the loss or misuse of information is the most significant consequence of a cyber attack. Based on these findings, organizations need to be more vigilant in protecting their most sensitive and confidential information.