ENISA, the European Network and Information Security Agency, is currently calling on insurance providers to make cybersecurity a key policy. At the same time, security experts believe that the agency might struggle to have this idea regulated.
The report from ENISA reveals that both businesses and consumers will benefit from the better protection for their PCs and information in case the cyber insurance market is kick started. While cyber security is an important concern for EU and national policy makers, for some reason insurance providers across the region generally can’t comprehensively address digital risk in their policies. The reason might hide in a range of obstacles the industry faces, including a lack of actuarial information on the extent of the risk, along with the uncertainty about what kind of risk they should insure against.
When trying to address these problems, the outfit made 4 recommendations: for example, it points out that a collection of information in cyber insurance in the region, including the types of risk insured, premiums paid and levels of payouts to define future trends, will help to see which holes should be filled. Then, if one takes a look at how incentives could encourage the businesses to enhance their information security, this will also help reduce the risk and financial liability in the event of data protection regulations breach.
Finally, the outfit issued recommendations for an agreed framework in order to help companies put a measurable value on their data. ENISA explains that this work could be assisted by privacy and data security advisors, alongside with the underwriters and the European Commission. The outfit itself is also ready to provide further support.
This proposal is mostly regarded as a good idea, because there are indeed far too many loopholes right now. This means that when it comes to getting money back or reimbursing companies for this kind of loss, there will be a long time frame that sometimes leads to no money or support at all. Still, although the outfit has good intentions, the strategy wouldn’t be as straight forward as implementing the policy and demanding businesses to comply. At least, setting up such insurance policies is very complicated and costly.
The report from ENISA reveals that both businesses and consumers will benefit from the better protection for their PCs and information in case the cyber insurance market is kick started. While cyber security is an important concern for EU and national policy makers, for some reason insurance providers across the region generally can’t comprehensively address digital risk in their policies. The reason might hide in a range of obstacles the industry faces, including a lack of actuarial information on the extent of the risk, along with the uncertainty about what kind of risk they should insure against.
When trying to address these problems, the outfit made 4 recommendations: for example, it points out that a collection of information in cyber insurance in the region, including the types of risk insured, premiums paid and levels of payouts to define future trends, will help to see which holes should be filled. Then, if one takes a look at how incentives could encourage the businesses to enhance their information security, this will also help reduce the risk and financial liability in the event of data protection regulations breach.
Finally, the outfit issued recommendations for an agreed framework in order to help companies put a measurable value on their data. ENISA explains that this work could be assisted by privacy and data security advisors, alongside with the underwriters and the European Commission. The outfit itself is also ready to provide further support.
This proposal is mostly regarded as a good idea, because there are indeed far too many loopholes right now. This means that when it comes to getting money back or reimbursing companies for this kind of loss, there will be a long time frame that sometimes leads to no money or support at all. Still, although the outfit has good intentions, the strategy wouldn’t be as straight forward as implementing the policy and demanding businesses to comply. At least, setting up such insurance policies is very complicated and costly.
No comments:
Post a Comment