Cyber risks becoming dangerous for business growth – insurance supervisors warn
The growing incidence of cyber risks in all sectors of the global economy including insurance and what business stand to lose if not checked has again attracted the attention of insurance supervisors.
They believe that cyber risks have grown and cyber criminals have become increasingly sophisticated, noting that cyber security incidents can harm the ability to conduct business, compromise the protection of commercial and personal data, and undermine confidence in the sector.
The International Association of Insurance Supervisors (IAIS), which Nigeria is a member also noted that the level of awareness of cyber threats and cyber security within the insurance sector, as well as supervisory approaches to combat the risks vary across jurisdictions.
These factors prompted the IAIS to consider the area of cyber security in the insurance sector, including the involvement of insurance supervisors in assessing and promoting the mitigation of cyber risk.
While many of the most widely publicised cyber security incidents involving consumer data have affected retailers, companies in the financial services sector, including insurers, have been victimised as well.
According to a report published this August by the IAIS titled “Issues Paper On Cyber Risk To The Insurance Sector” all insurers, regardless of size, complexity, or lines of business, collect, store, and share with various third-parties (e.g., service providers, intermediaries, and reinsurers) substantial amounts of private and confidential policyholder information, including in some instances sensitive health-related information.
It noted that protection of the confidentiality, integrity, and availability of insurers’ data is of fundamental importance because information obtained from insurers through cyber crime may be used for financial gain through extortion, identity theft, misappropriation of intellectual property, or other criminal activities. “Inadvertent or intentional exposure of private data can potentially result in severe and lingering harm for the affected policyholders, as well as reputational damage to insurer sector participants. Similarly, malicious cyber attacks against an insurer’s critical systems may impede its ability to conduct business.”
The insurance sector faces cyber risk from both internal and external sources, including through interconnections with third parties. Insurance sector cyber security incidents may result in severe and lingering harm for the policyholders affected and significant legal, regulatory, and operational costs, including reputational damage. Moreover, the insurance sector as a whole may be affected by a loss in public trust. Because of the growing frequency and severity of cyber security incidents on all commercial entities, cyber resilience must be achieved by all insurers, regardless of size, specialty, domicile, or geographic reach.
The International Association of Insurance Supervisors (IAIS) is a voluntary membership organisation of insurance supervisors and regulators from more than 200 jurisdictions in nearly 140 countries. The mission of the IAIS is to promote effective and globally consistent supervision of the insurance industry in order to develop and maintain fair, safe and stable insurance markets for the benefit and protection of policyholders and to contribute to global financial stability.
Established in 1994, the IAIS is the international standard setting body responsible for developing principles, standards and other supporting material for the supervision of the insurance sector and assisting in their implementation. The IAIS also provides a forum for Members to share their experiences and understanding of insurance supervision and insurance markets.
Modestus Anaesoronye