The Insurance Regulatory and Development Authority of India’s (IRDAI) plan to standardize cyberinsurance product is expected to give impetus to its growth in the country, according to GlobalData, a leading data and analytics company.
There has been a significant rise in cyber attacks and data security incidents since the outbreak of the COVID-19 pandemic. The IRDAI has passed an order on 19th October 2020 to constitute a working group to evaluate critical issues involving the legal aspects of cyber insurance. This group will examine incidents involving cyber security and possible insurance coverage for cyber attacks. It will also study the feasibility of developing a standard cyber insurance policy.
Epsa Kaithwar, Insurance Analyst at GlobalData, comments: “With growing number of businesses increasing their dependence on technology and working remotely due to the pandemic, several organizations have become highly vulnerable to cyber attacks. This has led to an increase in the demand for cyber insurance policies.”
According to the Indian Computer Emergency Response Team (CERT-In), the number of cyber attack incidents in India increased from 50,362 in 2016 to 394,499 in 2019. It is expected to increase by more than 100% in 2020, with 696,938 cyber security incidents already reported as of August 2020.
The demand for cyber insurance policies is gaining traction in India. In July 2020, HDFC Bank Ltd. and State Bank of India disclosed having a US$100m cyber risk cover.
At present, there are no cyber insurance specific product regulations and there is no standard cyber insurance policy in India. Cyber cover is typically offered as a highly customized policy; as general liability policies do not cover cyber risks.
Ms Kaithwar concludes: “The tedious purchasing and claim settling process has led to low sales of cyber insurance policies in India. Introduction of structured policy and regulation is expected to simplify product offerings, which will support cyber insurers growth over the coming years.”
IE Comment; It is good news that IRDAI has a working group looking at the problem. India is a country rapidly moving from a traditional agency selling of insurance to a tech based, essentially online service. They are mistaken if they believe that a standard set of cyber insurance policy T&Cs can be written. It’s the nature of the threat that it constantly changes and evolves as hackers find new ways, new devices and events like pandemics to exploit.
With tensions rising between India and China, IRDAI would do well to work with the world’s leading cyber insurance and insurtech specialists on creating an incubator system to spot threats, test products and pool knowledge. The next major conflict of the 2020s may be won or lost before any shots are fired.