On 10 May, UK partner Simon Cooper spoke on cyber risk at the DIFC Insurance Association seminar in Dubai.
The presentation covered the complex nature of cyber risks together with issues for insureds and for insurers/reinsurers, from both a UK and Middle East perspective. It dealt with the wide ranging cast of perpetrators, from state actors, terrorists, hacktivists and pressure groups through to criminals and employees, across the vast scale and many forms of cyber attacks, from hacking, denial of service and distributed denial of service through to ransomware, extortion and accident.
The presentation addressed the adverse financial and reputational impact on all areas of business and all sizes of company and it emphasised that cyber risk is an operational issue and not an IT issue. In examining whether cyber insurance can solve the problem, Simon explained the challenges presented by the diversity of definition of key terms, disclosure and notification requirements and strict compliance standards, the lack of reliable data and ever changing risk, the interface between cyber cover and other policies, aggregation, silent cyber cover and exclusion clauses that can be too narrow or too wide.
He also underlined the huge potential for growth, and the scope for new clauses together with the need for improved risk management and prevention, education and training, and the possibility of government intervention in the event of catastrophic uninsurability. The subject of cyber risk is of obvious interest to the DIFC Insurance Association and the event was well attended by a good number of the association’s members.