Home
Our Services
Free resources
- Privacy Research
  Free to use data privacy research
  Key Capabilities
  Latest privacy news tracking
  Product versions
  Latest privacy news tracking
  Track the latest news, breaches and fines
  Key features
  Tracks the latest breaches and fines
  View by industry
  View by breach method
  View by privacy topic
  Links to original articles
  Free to use
  
  Learn more »
  Latest Threat Intelligence
  Product versions
  Latest Threat Intelligence
  Track the Common Vulnerability Exposures (CVEs)
  Key features
  Tracks the latest vulnerabilities
  View by company
  View by breach method
  Links to NVD
  Free to use
  
  Learn more »
  Breach modelling and ROI calculator
  Product versions
  Breach modelling and ROI calculator
  Model what a breach would look like for you in your industry and use this to calculate your return on investment
  Key features
  Model your breach
  Assess the severity
  Compare by industry
  Breakdown costs
  Export to your business plan
  Free to use
  
  Learn more »
Privacy news
Company
- About Us
- FAQ
- Contact Us

Cyber attacks set to become ‘uninsurable’, says Zurich chief

Please use the sharing tools found via the share button at the top or side of articles. Copying articles to share with others is a breach of FT.com T&Cs and Copyright Policy. Email [email protected] to buy additional rights. Subscribers may share up to 10 or 20 articles per month using the gift article service. More information can be found at https://www.ft.com/tour.
https://www.ft.com/content/63ea94fa-c6fc-449f-b2b8-ea29cc83637d

Cyber attacks set to become ‘uninsurable’, says Zurich chief
There is growing concern among industry executives about large-scale strikes

The chief executive of Zurich Insurance praised the US government’s steps to discourage ransom payments to cyber attackers © Arnd Wiegmann/Reuters
Cyber attacks set to become ‘uninsurable’, says Zurich chief on twitter (opens in a new window)
Cyber attacks set to become ‘uninsurable’, says Zurich chief on facebook (opens in a new window)
Cyber attacks set to become ‘uninsurable’, says Zurich chief on linkedin (opens in a new window)
Save
current progress 90%
Ian Smith, Insurance Correspondent DECEMBER 26 2022
140
Print this page
Receive free Insurance updates
We’ll send you a myFT Daily Digest email rounding up the latest Insurance news every morning.

The chief executive of one of Europe’s biggest insurance companies has warned that cyber attacks, rather than natural catastrophes, will become “uninsurable” as the disruption from hacks continues to grow.

Insurance executives have been increasingly vocal in recent years about systemic risks, such as pandemics and climate change, that test the sector’s ability to provide coverage. For the second year in a row, natural catastrophe-related claims are expected to top $100bn.

But Mario Greco, chief executive at insurer Zurich, told the Financial Times that cyber was the risk to watch.

“What will become uninsurable is going to be cyber,” he said. “What if someone takes control of vital parts of our infrastructure, the consequences of that?”

Recent attacks that have disrupted hospitals, shut down pipelines and targeted government departments have all fed concern about this expanding risk among industry executives.

Focusing on the privacy risk to individuals was missing the bigger picture, Greco added: “First off, there must be a perception that this is not just data . . . this is about civilisation. These people can severely disrupt our lives.”

Spiralling cyber losses in recent years have prompted emergency measures by the sector’s underwriters to limit their exposure. As well as pushing up prices, some insurers have responded by tweaking policies so clients retain more losses.

There are exemptions written into policies for certain types of attacks. In 2019, Zurich initially denied a $100mn claim from food company Mondelez, arising from the NotPetya attack, on the basis that the policy excluded a “warlike action”. The two sides later settled.

In September, Lloyd’s of London defended a move to limit systemic risk from cyber attacks by requesting that insurance policies written in the market have an exemption for state-backed attacks.

At the time, a senior Lloyd’s executive said the move was “responsible” and preferable to waiting until “after everything has gone wrong.” But the difficulty of identifying those behind attacks and their affiliations makes such exemptions legally fraught, and cyber experts have warned that rising prices and bigger exceptions could put off people buying any protection.

Greco said there was a limit to how much the private sector can absorb, in terms of underwriting all the losses coming from cyber attacks. He called on governments to “set up private-public schemes to handle systemic cyber risks that can’t be quantified, similar to those that exist in some jurisdictions for earthquakes or terror attacks”.

In September, the US government called for views on whether a federal insurance response to cyber was warranted, which could be part of, or outside, its current public-private insurance programme for acts of terrorism.

Recommended

The Big Read
How North Korea became a mastermind of crypto cyber crime

A report from the US Government Accountability Office in June highlighted the potential of cyber incidents to “spill over” to other linked firms. It said examples such as the Colonial Pipeline hack, which created temporary gasoline shortages in the south-east US, demonstrated “the possibility that a single cyber incident could ripple across critical infrastructure with catastrophic consequences”.

Greco also praised the US government’s steps to discourage ransom payments. “If you curb the payment of ransoms, there will be fewer attacks.”

Read the original article 26 Dec 2022

Key Capabilities

Latest privacy news tracking

Latest Threat Intelligence

Breach modelling and ROI calculator

Cyber attacks set to become ‘uninsurable’, says Zurich chief