Thursday, 17 February 2022
The cyber landscape is evolving rapidly, with digitalisation expanding the range of threats and vulnerabilities. This process is amplified by shifts in working and business practices brought on by COVID-19, some of which are likely to persist indefinitely. Ransomware and supply chain attacks in particular have become more prolific since the onset of the pandemic and with them wider recognition of the potential for large-scale economic disruption from malicious cyber incidents.
Recent cyberattacks have underscored a long-standing issue for cyber insurers: how much protection can and should insurance provide when the perpetrators of such attacks are linked to nation states? Traditional policy exclusions for war or war-like incidents fail to adequately capture situations where nation states are suspected of being behind an attack or at least providing a safe harbour for the cyber adversaries, especially if the motives for the attack are unclear.
A series of three reports by The Geneva Association and the International Forum of Terrorism Risk (Re)Insurance Pools (IFTRIP) examined the insurability of such Hostile Cyber Activity (HCA), those malicious incidents beyond cyber terrorism but not involving cyber warfare. These studies aim to bring clarity to insurance contract language used to describe and attribute cyberattacks and lay out the features of feasible public-private insurance solutions to cover potential losses that may exceed levels that can safely and sensibly be absorbed by the re/insurance sector alone.
This Risk Conversations webinar gathered leading experts to discuss the themes highlighted across the three reports and how stakeholders can and should respond to the urgent need for greater societal protection from mounting extreme HCA risks.