{"id":601071,"date":"2023-01-25T06:49:34","date_gmt":"2023-01-25T12:49:34","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/01\/25\/uk-insurers-need-to-up-their-game-on-cyber-gaps-says-pra\/"},"modified":"2023-01-25T06:49:34","modified_gmt":"2023-01-25T12:49:34","slug":"uk-insurers-need-to-up-their-game-on-cyber-gaps-says-pra","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/01\/25\/uk-insurers-need-to-up-their-game-on-cyber-gaps-says-pra\/","title":{"rendered":"UK insurers need to up their game on cyber gaps, says PRA"},"content":{"rendered":"<div id=\"content-header\">\n<h2>Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority<\/h2>\n<\/div>\n<div id=\"content-center\">\n<ul>\n<li><i data-icon=\"1\"><\/i><\/li>\n<li><i data-icon=\"2\"><\/i><\/li>\n<\/ul>\n<div id=\"contributors-block\">\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"Alex Scroxton\">\n\t\t\t\t\t<\/p>\n<p><span>By<\/span><\/p>\n<ul>\n<li>\n\t\t\t\t\t<a href=\"https:\/\/www.techtarget.com\/contributor\/Alex-Scroxton\">Alex Scroxton,<\/a><br \/>\n\t\t\t\t\t\t<span>Security Editor<\/span>\n\t\t\t\t\t\t<\/li>\n<\/ul>\n<p>\n\tPublished: <span>24 Jan 2023 16:30<\/span>\n<\/p>\n<\/div>\n<section id=\"content-body\">\n<p>The Bank of England regulator, <a href=\"https:\/\/www.bankofengland.co.uk\/prudential-regulation\">the Prudential Regulation Authority<\/a> (PRA), has highlighted a number of concerning gaps and limitations in how major insurers model and respond to cyber risk, after conducting a stress test of the sector.<\/p>\n<p><a href=\"https:\/\/www.bankofengland.co.uk\/-\/media\/boe\/files\/prudential-regulation\/letter\/2023\/insurance-stress-test-2022-feedback.pdf?la=en&#038;hash=A680452E3B0B5EA3EA2FC5E470EBEF3B66A58DD5\">The stress test exercise<\/a> saw 17 general insurers and 21 Lloyd\u2019s of London syndicates assess their solvency position against losses arising from cyber incidents. Participants provided an assessment of their ability to prevent, react and respond to cyber attacks.<\/p>\n<p>\u201cWe note that cyber is an evolving peril, and consequently <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/tip\/How-to-find-ransomware-cyber-insurance-coverage\">cyber coverage will continue to develop<\/a>,\u201d\u00a0wrote Charlotte Garden, executive director of insurance supervision at the PRA. \u201cThis exercise has provided us with a wide range of current practices across the market, which will inform future supervision.\u201d<\/p>\n<p>It found that insurers struggled to ascertain the likelihood of cyber incidents \u2013 defined for the purposes of the test as <a href=\"https:\/\/www.computerweekly.com\/news\/252503166\/Insurers-unprepared-for-challenges-of-underwriting-ransomware\">ransomware attacks<\/a>, data leaks and cloud computing outages \u2013 and tended to word their cyber policies too ambiguously.<\/p>\n<p>It warned that current practices could lead to a \u201cmisestimation of scenario impacts for individual insurers\u201d.<\/p>\n<p>Among other things, the exercise found evidence of substantial variance in how insurers assessed risk, which is not necessarily out of the ordinary in a relatively youthful market, but needs to be addressed moving forward.<\/p>\n<p>It also highlighted disparities in the ability of individual insurers and syndicates to identify the implications of contract uncertainty, with a number of parties unable to properly assess the potential impact should key exclusions \u2013 <a href=\"https:\/\/www.computerweekly.com\/news\/252524057\/Lloyds-to-end-insurance-coverage-for-state-cyber-attacks\">such as for nation state attacks<\/a> \u2013 not hold. It warned of untested policy language and contractual uncertainty, and said boards needed to be made better aware of this problem.<\/p>\n<p>The PRA further noted that the percentage of potential claims identified as arising from non-affirmative or silent cover \u2013 where policies are triggered following an incident but where cyber risks have not been explicitly included in them, or exclusionary language is ambiguous on the point \u2013 was reducing, which is in line with the guidance it previously issued.<\/p>\n<p>Finally, it also noted that in general, insurance companies are still materially dependent on reinsurance to <a href=\"https:\/\/www.computerweekly.com\/news\/252529031\/Insurer-Beazley-introduces-catastrophe-bond-to-ease-cyber-risk\">mitigate the impact of cyber incidents<\/a> on their books.<\/p>\n<p>Garden said that moving forward, the PRA would be on-hand to help insurance firms enhance their practices to manage and mitigate the potential damage arising from cyber incidents.<\/p>\n<p>Achi Lewis, area vice-president for EMEA for <a href=\"https:\/\/www.absolute.com\/\">Absolute Software<\/a>, said: \u201cEspecially during periods of economic uncertainty, it is vital that organisations are aware of their cyber resilience, the likelihood of threats, and how to both prevent and respond to attacks.<\/p>\n<p>\u201cThe PRA\u2019s caution is important to prepare firms in the event of a worst-case outcome, with major cyber attacks the cause of significant downtime, data breaches and financial cost.<\/p>\n<p>\u201cRemediation from major attacks can prove costly, often resulting in weeks, months, or even years for a full investigation, restoration and legal procedures to take place, beyond the initial damage of the attack itself,\u201d he said. \u201cIt is therefore essential that all organisations have cyber security as a top priority.\u201d<\/p>\n<\/section>\n<section id=\"DigDeeperSplash\">\n<h4>\n\t\t\t<i data-icon=\"m\"><\/i>Read more on IT risk management<\/h4>\n<ul>\n<li><a id=\"DigDeeperItem-1\" href=\"https:\/\/www.computerweekly.com\/news\/252529031\/Insurer-Beazley-introduces-catastrophe-bond-to-ease-cyber-risk\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe.jpg 1280w\" alt ><\/p>\n<h5>Insurer Beazley introduces catastrophe bond to ease cyber risk<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-2\" href=\"https:\/\/www.computerweekly.com\/opinion\/Cyber-insurance-The-good-the-bad-and-the-ugly\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/German\/article\/cyber-insurance-adobe.jpg 1280w\" alt ><\/p>\n<h5>Cyber insurance: The good, the bad and the ugly<\/h5>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-3\" href=\"https:\/\/www.computerweekly.com\/opinion\/Security-Think-Tank-Ransomware-and-CISOs-balancing-act\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/Security-Think-Tank-hero_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Security-Think-Tank-hero_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/Security-Think-Tank-hero.jpg 1280w\" alt ><\/p>\n<h5>Security Think Tank: Ransomware and CISOs\u2019 balancing act<\/h5>\n<p>\t\t\t\t<\/a><\/li>\n<li><a id=\"DigDeeperItem-4\" href=\"https:\/\/www.computerweekly.com\/news\/252524985\/New-player-pioneers-active-cyber-insurance-for-UK-market\"><br \/>\n\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero Images\/dice-risk-gamble-adobe_searchsitetablet_520X173.jpg\" srcset=\"https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/dice-risk-gamble-adobe_searchsitetablet_520X173.jpg 960w,https:\/\/cdn.ttgtmedia.com\/visuals\/ComputerWeekly\/Hero%20Images\/dice-risk-gamble-adobe.jpeg 1280w\" alt ><\/p>\n<h5>New player pioneers \u2018active cyber insurance\u2019 for UK market<\/h5>\n<div>\n<p><img decoding=\"async\" src=\"https:\/\/cdn.ttgtmedia.com\/rms\/computerweekly\/Alex-Scroxton-CW-Contributor-2022.jpg\" alt=\"AlexScroxton\">\n\t\t\t\t\t\t\t\t\t<\/p>\n<p><span>By: <span>Alex\u00a0Scroxton<\/span><\/span>\n\t\t\t\t\t\t\t<\/p>\n<\/div>\n<p>\t\t\t\t<\/a><\/li>\n<\/ul>\n<\/section>\n<\/div>\n<p><a href=\"https:\/\/www.computerweekly.com\/news\/252529529\/UK-insurers-need-to-up-their-game-on-cyber-gaps-says-PRA\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Elroy Wrona<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority By Alex Scroxton, Security Editor Published: 24 Jan 2023 16:30 The Bank of England regulator, the Prudential Regulation Authority (PRA), has highlighted a number of concerning gaps and limitations in<\/p>\n","protected":false},"author":1,"featured_media":601072,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[24748,30445,46],"tags":[],"class_list":{"0":"post-601071","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-cyber","8":"category-insurers","9":"category-technology"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/601071","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=601071"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/601071\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/601072"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=601071"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=601071"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=601071"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}