Cargando…
Coordination of cybersecurity risk management in the U.K. insurance sector
The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluati...
Autor principal: | |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
Palgrave Macmillan UK
2023
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9912230/ https://www.ncbi.nlm.nih.gov/pubmed/36789275 http://dx.doi.org/10.1057/s41288-023-00287-9 |
_version_ | 1784885161207267328 |
---|---|
author | Klumpes, Paul |
author_facet | Klumpes, Paul |
author_sort | Klumpes, Paul |
collection | PubMed |
description | The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluation of these arrangements. It first provides a descriptive overview of the key U.K. regulatory authorities and the evolution of their efforts over the past decade, as well as the scope for broader collaborations with industry and member-based associations and international organisations. It then evaluates the effectiveness of these efforts by providing a multi-method study of the incidence, nature and evolution of cost of data breaches, investment in computer systems and software intangible assets at risk of cyberattack, and a content analysis of annual reports of both U.K. regulators and a sample of U.K. insurers. The findings suggest that while both the total costs of data breaches and the size of investment in computer systems and software intangibles at risk of cyberattack have gradually increased over time, the degree of engagement with cyber as a reporting issue by both cyber insurers and financial regulators has not. It is concluded that while these efforts have been apparently successful in avoiding a large-scale, systemic cyberattack on the U.K. insurance industry, there are significant gaps and overlaps in the system of cyber regulatory oversight. |
format | Online Article Text |
id | pubmed-9912230 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2023 |
publisher | Palgrave Macmillan UK |
record_format | MEDLINE/PubMed |
spelling | pubmed-99122302023-02-10 Coordination of cybersecurity risk management in the U.K. insurance sector Klumpes, Paul Geneva Pap Risk Insur Issues Pract Article The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluation of these arrangements. It first provides a descriptive overview of the key U.K. regulatory authorities and the evolution of their efforts over the past decade, as well as the scope for broader collaborations with industry and member-based associations and international organisations. It then evaluates the effectiveness of these efforts by providing a multi-method study of the incidence, nature and evolution of cost of data breaches, investment in computer systems and software intangible assets at risk of cyberattack, and a content analysis of annual reports of both U.K. regulators and a sample of U.K. insurers. The findings suggest that while both the total costs of data breaches and the size of investment in computer systems and software intangibles at risk of cyberattack have gradually increased over time, the degree of engagement with cyber as a reporting issue by both cyber insurers and financial regulators has not. It is concluded that while these efforts have been apparently successful in avoiding a large-scale, systemic cyberattack on the U.K. insurance industry, there are significant gaps and overlaps in the system of cyber regulatory oversight. Palgrave Macmillan UK 2023-02-10 2023 /pmc/articles/PMC9912230/ /pubmed/36789275 http://dx.doi.org/10.1057/s41288-023-00287-9 Text en © The Author(s) 2023 https://creativecommons.org/licenses/by/4.0/Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) . |
spellingShingle | Article Klumpes, Paul Coordination of cybersecurity risk management in the U.K. insurance sector |
title | Coordination of cybersecurity risk management in the U.K. insurance sector |
title_full | Coordination of cybersecurity risk management in the U.K. insurance sector |
title_fullStr | Coordination of cybersecurity risk management in the U.K. insurance sector |
title_full_unstemmed | Coordination of cybersecurity risk management in the U.K. insurance sector |
title_short | Coordination of cybersecurity risk management in the U.K. insurance sector |
title_sort | coordination of cybersecurity risk management in the u.k. insurance sector |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9912230/ https://www.ncbi.nlm.nih.gov/pubmed/36789275 http://dx.doi.org/10.1057/s41288-023-00287-9 |
work_keys_str_mv | AT klumpespaul coordinationofcybersecurityriskmanagementintheukinsurancesector |