Cyber risks becoming dangerous for business growth –supervisors warn

The growing incidence of cyber risks in all sectors of the global economy including insurance and what business stand to lose if not checked has again attracted the attention of insurance supervisors.

They believe that cyber risks have grown and cyber criminals have become increasingly sophisticated, noting that cyber security incidents can harm the ability to conduct business, compromise the protection of commercial and personal data, and undermine confidence in the sector.

The International Association of Insurance Supervisors (IAIS), which Nigeria is a member also noted that the level of awareness of cyber threats and cyber security within the insurance sector, as well as supervisory approaches to combat the risks vary across jurisdictions.

These factors prompted the IAIS to consider the area of cyber security in the insurance sector, including the involvement of insurance supervisors in assessing and promoting the mitigation of cyber risk.

While many of the most widely publicised  cyber security incidents involving consumer data have affected retailers, companies in the financial services sector, including insurers, have been victimised as well.

According to a report published this August by the IAIS titled “Issues Paper On Cyber Risk To The Insurance Sector” all insurers, regardless of size, complexity, or lines of business, collect, store, and share with various third-parties (e.g., service providers, intermediaries, and reinsurers) substantial amounts of private and confidential policyholder information, including in some instances sensitive health-related information.

It noted that protection of the confidentiality, integrity, and availability of insurers’ data is of fundamental importance because information obtained from insurers through cyber crime may be used for financial gain through extortion, identity theft, misappropriation of intellectual property, or other criminal activities. “Inadvertent or intentional exposure of private data can potentially result in severe and lingering harm for the affected policyholders, as well as reputational damage to insurer sector participants. Similarly, malicious cyber attacks against an insurer’s critical systems may impede its ability to conduct business.”