Wednesday, May 4, 2016

The cyber insurance services launches on Spain

The cyber-insurance sector is currently expanding worldwide and also on Spain, according a recent study calle "Cyber-insurance, the Spain cyberisk transference", made by the THIBER's Think Tank. According to INCIBE numbers, on Spain the product business volume is 500 million euros per year, with an 12% increase each year. By the moment it had been focused to big companies, but now  it started to be focused on SMEs.

The cyber-insurance market is adapting its offer to the particular realities and needs of small and medium-sized enterprises, ensures the study "Cyber-insurances, the Spain cyberisk transference". The sector's distinctive characteristics, which should be noticed by the insurer, would be: "a limited experience in the management of these risks, a growing exposure to cyberattacks and the need of following a regulatory framework increasingly strict in data protection matters".

The THIBER study begins with a prologue written by the OTAN ex general secretary, Javier Solana, who ensures: "Today we don't question if cybermenaces could impact on companies. The question we have to say is, simply, when it will happen and if the organization will count with the proper mechanisms to face it". It is interesting highlight that Solana was one of the first European politicians who admitted they have been "cyberspied".

Solana says the cyberisk coverage are "first order defense measures which, with the workers awareness and the corporate cybersecurity increase, will had a great effect on the Spanish market". And he finishes: "The current document, the first focused on the national market, will serve as an analysis tool for the insured and as a reference of the common new work measures to improve the corporate management and the general resilience against cybernetic incidents".

The study reviews the origins and the present panorama of the cyber-insurance in the World as well as in Spain, it explains what it is, how are the basic coverages and what doesn't cover a cyber-insurance, also to whom and what needs are focused. It offers also a case, as the multimillionaire data robbery to the north American company Target, to show how it was managed an insurance with a cyberisk coverage.

The chapter "Recommendations to make the contract" is particularly interesting for a company which wants to sign one of this insurances, with advices like "Identify correctly the needed reach of the coverage to contract a) Insured subjects b) Temporal scope c) Territorial scope or "Attention to definitions and exclusions".

Finally, the study proposes some actions of the public administration regarding to cyber-insurances, as would be " request as obligatory basic contraction principle for the Administration dispose of cyberisk insurance coverage with a scope of coverages relevant for the service given" and also creating a public company list "certified" by a cyber-insurance, as countries like United Kingdom or Australia  have made .


Post a Comment