Page 21 - Risk Management Bulletin April -June 2021
P. 21
RMAI BULLETIN APRIL TO JUNE 2021
Cyber Insurance is a comprehensive insurance solution Y Business Interruption
for banks covering first-party costs and third-party
Y Cyber Theft
liability risks arising from a cyber-event.
Some of the insurance companies providing cyber
First-party Coverage insurance services in India are Tata AIG, ICICI Lombard,
Bajaj Allianz, HDFC ERGO and New India Assurance.
First-party covers provide protection to the bank in the
event of a loss whether caused by itself or someone Barriers to Growth
else. When a bank experiences a cyber-attack or a data Although the concept of cyber insurance looks
breach, the following events/occurrences can be appealing yet there are certain roadblocks to its full
covered under insurance: implementations for both insurer and the insured. The
Y Employee Theft Coverage
major problems are:
Y Premises Coverage Y Lack of a privacy law in India
Y Transit Coverage Y Industry specific risk
Y Computer Fraud Coverage Y Lack of historical data
Y Depositor's Forgery Coverage Y Cost burden in adopting a cyber-insurance cover
Y Forensic Investigation Y Underlying complexity of calculating premium,
Y Business Interruption assessment of third party loses, detecting
fraudulent claims
Y Computer Data Loss and restoration
Y Difficulty to predict probability of occurrence and
Y Extortion
impact of the risk
Third-party Coverage Y Having to customize policy covers and premiums
Third-party coverage provide protection to the bank for each industry
against the claims of third party. When a bank
Y Lack of predefined standards, metrics of cyber risk
experiences a cyber -attack or a data breach, the insurance
following events/occurrences can be covered under
insurance: Y Ambiguity over the scope and coverage of policies
Y Litigation and Regulatory Y Absence of a single comprehensive insurance
Y Regulatory Response cover (presence of multiple covers and policies by
different insurers)
Y Notification Costs
Y Crisis management The Future Course of Action
Y Credit Monitoring Looking at the barriers of growth of demand in the
cyber insurance and understanding the gravity it is
Y Media Liability
important that the onus of creating space for the cyber
Y Privacy Liability
insurance in market lies with the stakeholders who are
getting affected directly or indirectly. So stakeholder
In India, the concept is still at a very nascent stage. As
wise action points are as follows:
per industry reports, there has been a 40 % rise in
cyber insurance policies in 2018 as compared to 2017 o Regulators/Govt. Bodies
which is indicating that customers are becoming more A. Creating awareness and ecosystem skills in
aware of the threats being faced by them in the cyber cyber insurance policies by running awareness
space and that the major threats that the corporations programs. Incentivizing various organizations
are facing is coming from cyber criminals and the through direct intervention or providing
integrity of the valuable data of their clients is being procurement benefits, providing toolkits and
put on stake and risk. The major areas covered by the checklists.
policy issued in India include: B. Introducing cyber insurance as a measure to
Y 1st Party Expenses mitigate risks through National IT and Security
Y Privacy and Data Liability Policy.
19
