Follow Us

Follow us on Twitter  Follow us on LinkedIn
 

28 August 2018

GFIA: Concerns over IAIS cyber-security paper


The GFIA has warned against the introduction of potentially restrictive measures as part of the supervision of insurer cybersecurity. The GFIA says these could limit the ability of insurers and supervisors to innovate in the face of rapidly changing cyber threats, and such inflexible supervision could rapidly become obsolete and introduce vulnerabilities.

The Global Federation of Insurance Associations (GFIA), in its response to an International Association of Insurance Associations (IAIS) consultation on its application paper on the supervision of insurer cybersecurity, says that while countries have different approaches to privacy and cybersecurity risks, it believes that harmonisation and coordination among international governing bodies is, to the extent possible, important. But it warns: “It is also inappropriate to regulate through or prescribe/proscribe particular technologies. Technology development is fast moving and what is appropriate/inappropriate today may be obsolete tomorrow. More outcomes-focused guidance would be appropriate as a result.”

Limiting cyber intrusions and their consequences is a shared goal of the public and private sector, and through future collaboration, according to the GFIA, can help foster resilience and avoid potential unintended consequences from regulatory and standard-setting frameworks.

In its response, the GFIA says it “respectfully recommends that the elements of proportionality and risk-based approaches be more prominently reflected in the text, particularly before every list of specific measures outlined in the application paper”, adding: “[The] GFIA is of the view that this approach would reflect the IAIS’s intent, but it should be made abundantly clear that every measure in the paper is an example and not a recommended prescriptive mandate.”

GFIA_response

Article on Commercial Risk (subscription required)



© GFIA - Global Federation of Insurance Associations


< Next Previous >
Key
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information



Add new comment