Cyber ​​risks: ways to protect companies

© Viacheslav Iakobchuk

54%: this is the share of French companies that would have been the subject of a cyberattack in 2021, a constant increase in recent years.

The digitization of the economy generates new risks for businesses, particularly cyber risk.

Consult the report of the Directorate General of the Treasury: the development of cyber risk insurance

Increasing cyber risks and companies with little insurance against this threat

The dependence of the economic fabric on digital technology has facilitated the multiplication of new risks of cyber origin, in particular cyberattacks. The health crisis has further accelerated this trend, through the adoption of new ways of working and consuming.

Today we see an increase in cyberattacks, whether in volume, frequency or complexity. Cyberattacks today are likely to threaten the survival of a company. Resilience to cyber risk is therefore a major issue of sovereignty.

Despite this situation, this risk is still relatively uninsured. In fact, it represents only nearly 3% of damage insurance contributions for professionals.

This observation is the result of two factors: a difficulty in understanding cyber risk for companies (especially the smallest ones) on the one hand, and on the other hand difficulties in estimating its impacts for insurance players, especially during large-scale incidents.

Concrete actions proposed to develop insurance solutions and strengthen cyber risk prevention

The report proposes concrete and credible actions around four axes:

Clarify the legal framework for cyber risk insurance

Around this axis several aspects are concerned: the clarification of the clauses of traditional contracts, the dissemination of good practices for the drafting of contracts, the improvement of the information of the insured on the extent of their guarantees or the obligation to filing of a complaint by the victim to allow the insurability of a cyber-ransom.

Promote better measurement of cyber risk

The objective is to have as much data as possible on this risk in order to enable players to better predict and take into account their exposure. To do this, the creation of a cyber threat observatory, or the transmission of information between insurers within a dedicated data sharing platform, are encouraged.

Improve risk sharing between policyholders, insurers and reinsurers

Here, several avenues are addressed such as the promotion of innovative solutions in insurance or the development of self-insurance solutions.

Increase efforts to raise companies’ awareness of cyber risk

In the recommendations, the report proposes to develop cooperation between public and private actors in the territories to raise awareness of the local economic fabric, the training of insurance professionals, without forgetting the definition of shared safety standards.

Consult the report of the Directorate General of the Treasury: the development of cyber risk insurance

In order to rapidly implement these guidelines, a task force dedicated to cyber risk insurance, involving the players concerned will be put in place by the end of September.

Leave a Comment