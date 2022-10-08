Zahoor Asher

Cyber attacks reached unprecedented levels in 2021, increasing by 105% according to a report. No industry is immune to their impact, supply chains.

As more and more companies realize that they need a better way to manage costs, protect themselves from cyber attacks and recover if necessary, the popularity of cyber insurance has exploded. Unlike traditional insurance policies, cyber insurance protects businesses from data breaches, cyber attacks such as violations and terrorist acts, among other events.

Although these policies have proven popular with insurers, the industry is not without growth difficulties. In 2021, the average payment of ransomwares increased by 78 % , reaching $ 541,010, while average demand for ransomwares increased by 144% to $ 2.2 million. This demand has led to a decrease in the supply of cyber insurance offers, with providers seeking to compensate for these losses or completely refusing to enter the market.

In fact, cyber premiums - insurance have increased by 92% year-on-year in 2021, leaving companies vulnerable to cyber - potentially catastrophic emergencies. With bonuses supposed to remain high and increasingly strict criteria, the time has come for an industry standard detailing what companies need to do to be insured.

An industry-wide cyber insurance standard will ensure that businesses can protect themselves from cyberattacks. A simple way to do this is to adopt a standard framework, like NIST - CSF . Managers such as NIST - CF provide a model of best practice, forcing companies to constantly update and check their systems, which guarantees that they will always be properly equipped to manage cyber risks.

Although each organization is different in terms of risk, a standardized framework makes it easier for companies to guarantee the security of their networks. As a frame of reference, NIST - CF is more easily accessible than other complex frames. Having this as an industry standard means that those who need insurance can get it or take the necessary steps to get it without sacrificing the guarantees necessary to interact in today's cyber environment.

The requirement for cyber - insurance will also force complacent companies to act. Even in the current environment of constant attack, some organizations refuse to make the investments necessary to protect themselves. Making cyber - insurance compulsory will require these organizations to have at least a solid basis of security controls to improve the overall hygiene of cybersecurity. These late adopters represent a sustained risk which affects the vertical sectors and the taxonomies they represent.

A standard industry framework will help mitigate some of this risk as it provides a standard framework that insurers can use when assessing potential customers. By having a basic checklist that users must reach before subscribing to a policy, insurers would understand the current cybersecurity structure of a business and would know that an organization is protected from certain risks. It would also help speed up the integration process, allowing companies to get insurance faster.

Although some attacks are inevitable, establishing an industry-wide framework would help solve some of the current industry problems and generate more opportunities for organizations to protect their assets.

As the cyber - insurance industry continues to evolve, a standard industry framework will serve as an essential guide for businesses and insurers. It provides clear guidelines on what companies need to do to be insured and serves as a checklist for insurers to assess potential customers.

This in turn will help reduce the impact of cyber attacks and create a more sustainable insurance market for providers.