Cargando…

Coordination of cybersecurity risk management in the U.K. insurance sector

The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluati...

Descripción completa

Detalles Bibliográficos
Autor principal: Klumpes, Paul
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Palgrave Macmillan UK 2023
Materias:
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9912230/
https://www.ncbi.nlm.nih.gov/pubmed/36789275
http://dx.doi.org/10.1057/s41288-023-00287-9
_version_ 1784885161207267328
author Klumpes, Paul
author_facet Klumpes, Paul
author_sort Klumpes, Paul
collection PubMed
description The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluation of these arrangements. It first provides a descriptive overview of the key U.K. regulatory authorities and the evolution of their efforts over the past decade, as well as the scope for broader collaborations with industry and member-based associations and international organisations. It then evaluates the effectiveness of these efforts by providing a multi-method study of the incidence, nature and evolution of cost of data breaches, investment in computer systems and software intangible assets at risk of cyberattack, and a content analysis of annual reports of both U.K. regulators and a sample of U.K. insurers. The findings suggest that while both the total costs of data breaches and the size of investment in computer systems and software intangibles at risk of cyberattack have gradually increased over time, the degree of engagement with cyber as a reporting issue by both cyber insurers and financial regulators has not. It is concluded that while these efforts have been apparently successful in avoiding a large-scale, systemic cyberattack on the U.K. insurance industry, there are significant gaps and overlaps in the system of cyber regulatory oversight.
format Online
Article
Text
id pubmed-9912230
institution National Center for Biotechnology Information
language English
publishDate 2023
publisher Palgrave Macmillan UK
record_format MEDLINE/PubMed
spelling pubmed-99122302023-02-10 Coordination of cybersecurity risk management in the U.K. insurance sector Klumpes, Paul Geneva Pap Risk Insur Issues Pract Article The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluation of these arrangements. It first provides a descriptive overview of the key U.K. regulatory authorities and the evolution of their efforts over the past decade, as well as the scope for broader collaborations with industry and member-based associations and international organisations. It then evaluates the effectiveness of these efforts by providing a multi-method study of the incidence, nature and evolution of cost of data breaches, investment in computer systems and software intangible assets at risk of cyberattack, and a content analysis of annual reports of both U.K. regulators and a sample of U.K. insurers. The findings suggest that while both the total costs of data breaches and the size of investment in computer systems and software intangibles at risk of cyberattack have gradually increased over time, the degree of engagement with cyber as a reporting issue by both cyber insurers and financial regulators has not. It is concluded that while these efforts have been apparently successful in avoiding a large-scale, systemic cyberattack on the U.K. insurance industry, there are significant gaps and overlaps in the system of cyber regulatory oversight. Palgrave Macmillan UK 2023-02-10 2023 /pmc/articles/PMC9912230/ /pubmed/36789275 http://dx.doi.org/10.1057/s41288-023-00287-9 Text en © The Author(s) 2023 https://creativecommons.org/licenses/by/4.0/Open AccessThis article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) .
spellingShingle Article
Klumpes, Paul
Coordination of cybersecurity risk management in the U.K. insurance sector
title Coordination of cybersecurity risk management in the U.K. insurance sector
title_full Coordination of cybersecurity risk management in the U.K. insurance sector
title_fullStr Coordination of cybersecurity risk management in the U.K. insurance sector
title_full_unstemmed Coordination of cybersecurity risk management in the U.K. insurance sector
title_short Coordination of cybersecurity risk management in the U.K. insurance sector
title_sort coordination of cybersecurity risk management in the u.k. insurance sector
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9912230/
https://www.ncbi.nlm.nih.gov/pubmed/36789275
http://dx.doi.org/10.1057/s41288-023-00287-9
work_keys_str_mv AT klumpespaul coordinationofcybersecurityriskmanagementintheukinsurancesector