Lloyds to end insurance coverage for state cyber attacks

Lloyds to end insurance coverage for state cyber attacks

Insurance market Lloyds of London has indicated it will take the necessary steps to protect its insurance groups from “disastrous” nation-state cyber attacks. Cyber ​​insurance Policies from 31 March 2023.

According to The Wall Street JournalThe change, which first reported the story, will ensure that the scope of cyber insurance policies is made clear to buyers and is being done because Lloyd’s believes the impact of state-sponsored attacks is a “systemic risk”.

The newspaper quoted A notification dated August 16 Written by Tony Chowdhury, Director of Underwriting. Chowdhury said Lloyd’s strongly supports cyber insurance, but the rapidly evolving nature of the threat landscape requires such policies to be managed appropriately.

Chowdhury said that in particular, the ability of state-sponsored threat actors to spread their attacks quickly and easily, and the critical reliance that societies now have on digital infrastructure, means that the losses that “can arise” are likely to be far greater than insurance. able to absorb the market”.

Lloyd’s move reflects a growing trend among cyber insurers to tighten their policy terms. Talking to Computer Weekly In early 2022, Heidi Shay, a principal analyst at Forrester, described a “tightening of the market” that saw, among other things, insurer AXA France Suspend reimbursement for ransomware payments.

In the same article, Simon Gilbert of Insurance Brokerage Elmore Commented: “The main trends we’ve seen in the last 12 months are reductions in indemnity limits – the maximum amount an insurer will pay under a policy – ​​and the rising cost of cyber insurance due to ransomware losses affecting the cyber insurance portfolio of almost every insurer.”

These changes add weight to concerns that companies are finding it increasingly difficult to procure appropriate cyber insurance coverage, because Recent research Produced by Risk Management Specialists Huntsman Security showed

The firm’s CEO, Peter Woollacott, said there were a number of factors, including tighter regulatory controls, rising premiums, increasingly tight underwriting, capacity constraints and Lloyd’s proposed coverage limits.

He warned that the number of companies that won’t be able to afford cyber insurance, end up with inadequate coverage or are denied coverage altogether, could double by the end of 2023.

“With increasing cyber threats and tightening regulations, as well as this reduced access to insurance, many organizations are losing cyber insurance as an important risk management tool,” Ullacott said. “Even those who can still get insurance are paying prohibitively high prices.”

For this reason, security leaders need to be clear about cyber insurance Only one of many levers they can pullAnd should not be used to replace controls that should already be in place, says Tom Venables, practice director of applications and cyber security. Turnkey Consulting.

“One can insure their car, but still obey the speed limit, wear a seatbelt and avoid drinking and driving,” he said. “In other words, despite being insured, they take extra preventative measures to ensure that the risk to the vehicle is kept to a minimum.

“Applying this principle to cyber insurance, security professionals need to focus on understanding the organization’s risk. They need to know what information assets need protection, how those assets can be vulnerable, and what controls are needed to mitigate risk.

“The database itself may have up-to-date patching, but if one is supporting a business-critical application, such as controlling a production line, that may be more important in a ransomware attack.”



Source link

Watch the Dior Spring Summer’23 fashion show #DIORSS23 Basketball Wives star Brooke Bailey announces daughter passes away in car accident Fortnite Season 3 Ends And Season 4 Begins Chrissy Teigen: I Didn’t Have A Miscarriage, I Had An Abortion ‘To Save My Life’ Don’t Worry Darling movie review
%d bloggers like this: