|
The new Cyber Insurance Working Group was launched to provide a forum for discussions on a minimum standard, explained NCC. According to its participants, such a standard would benefit both insurers and buyers. Insurers providing security cover would benefit from being able to demand a specific, structured demonstration of commitment and integrity. In turn, businesses implementing the standard will benefit from a strengthened infrastructure and cyber risk mitigation, they argue.
Rob Cotton, CEO at NCC Group, explained his company’s thinking on the subject. “This is the culmination of an ongoing campaign from NCC Group. Too many businesses see cyber insurance as a means of mitigating risk in itself, but having adequate information security measures in place both reduces the premium costs and lowers the risk of suffering a serious cyber attack.”
They said the group will meet regularly to drive the development of a framework of recommended information security practices and policies, including adequate business continuity plans and corporate information security policies.
Jacob Ingerslev, European Underwriting Director, Technology and Cyber Risks at CNA Europe, commented: “This is a great opportunity for us to participate in a working party approach to formulate a minimum standard for information assurance in the cyber insurance market. A standard is badly needed, and looks set to become a legal requirement in the future—we are looking to get ahead of the curve and be part of the force shaping the market.”