A recent report published by the International Underwriting Association (IUA) and CyberCube has shed light on the increasing significance of supply chain risks within cyber insurance. It underscores the need for underwriters to scrutinize their clients’ business continuity plans. All while providing a comprehensive checklist for assessing an organization’s cyber supply chain.
In a digital landscape where businesses are becoming increasingly dependent on third-party digital support, the report emphasizes that supply chain risks have not received the attention they deserve. This is especially the case when compared to other major cyber threats like war risks. To navigate this evolving landscape, the report encourages a heightened focus on risk management. This approach can enable insurers, brokers, and clients to determine the appropriate levels of coverage. Thus, ensuring an effective response to potential claims.
Thomas Clayton, Chair of the IUA’s Cyber Underwriting Group and Head of Cyber at Zurich Insurance notes that most organizations rely on a complex web of external vendors, technologies, and suppliers. However, these relationships are not without their inherent risks. He underscores the urgency of identifying single points of failure within digital supply chains, often linking unrelated businesses through a handful of specialist providers. An outage at one of these providers could disrupt entire industries, he warns.
“Mitigate That Risk”
Jon Laux, CyberCube’s VP of Analytics, highlights that while it may be impossible to completely eliminate single points of failure from insurers’ portfolios, understanding their concentration is crucial for managing risk accumulations and minimizing the potential for catastrophic cyber losses. Organizations and brokers that articulate their supply chain risk and the measures taken to mitigate it will be better positioned to secure cyber insurance coverage. This not only improves operational resilience but also minimizes threats to the continuity of trade.
Jon Laux, CyberCube’s VP of Analytics, said, “Those organisations and their brokers that can articulate clearly what their supply chain risk is and measures adopted to mitigate that risk will be in a better position to source cyber insurance cover at the levels required.”
The IUA and CyberCube report also includes several case studies that demonstrate the impact of various cyber attacks on supply chains. These case studies offer lessons learned and discuss approaches for modeling losses related to specific threats.
Additionally, the report delves into regulatory aspects of cyber modeling. It also addresses points raised by the Prudential Regulatory Authority’s Insurance Stress Test exercise. It further explores the divergent approaches taken by different cyber loss models.
The full report, titled ‘Supply Chain Risk in the Cyber Insurance Market,’ is available for download on the IUA website.
For more information, visit www.iua.co.uk/cyber and www.cybcube.com.
Source: Cyber Supply Chain Risks Highlighted by IUA and CyberCube Report
Other News: Supply Chain, Logistics and Cyber Insurance(Opens in a new browser tab)