Coordination of cybersecurity risk management in the U.K. insurance sector.

Paul Klumpes
Journal: The Geneva papers on risk and insurance. Issues and practice, volume 48, issue 2, pages 332-371
Publication date: 2023-01-01
Publication type: Journal Article
DOI: https://doi.org/10.1057/s41288-023-00287-9
PDF: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9912230/pdf/
Citation count: 1

Abstract

The increasing threat of cyberattacks has resulted in increased efforts by both the U.K. government and regulatory authorities to coordinate efforts to influence cybersecurity risk management practices in the U.K. insurance sector, focusing on cyber risk underwriters. This paper provides an evaluation of these arrangements. It first provides a descriptive overview of the key U.K. regulatory authorities and the evolution of their efforts over the past decade, as well as the scope for broader collaborations with industry and member-based associations and international organisations. It then evaluates the effectiveness of these efforts by providing a multi-method study of the incidence, nature and evolution of cost of data breaches, investment in computer systems and software intangible assets at risk of cyberattack, and a content analysis of annual reports of both U.K. regulators and a sample of U.K. insurers. The findings suggest that while both the total costs of data breaches and the size of investment in computer systems and software intangibles at risk of cyberattack have gradually increased over time, the degree of engagement with cyber as a reporting issue by both cyber insurers and financial regulators has not. It is concluded that while these efforts have been apparently successful in avoiding a large-scale, systemic cyberattack on the U.K. insurance industry, there are significant gaps and overlaps in the system of cyber regulatory oversight.
