Whilst companies have become increasingly reliant on digital support from third parties, the potential perils of cyber supply chains receive much less attention than other major cyber threats.
This is amongst the conclusions drawn by authors of a whitepaper published by the International Underwriting Association and cyber risk analytics firm, CyberCube.
The two organisations are now urging underwriters to carefully review client business continuity plans to help mitigate the risks.
Thomas Clayton, chair of the IUA’s Cyber Underwriting Group and head of cyber at Zurich Insurance, said: “Most organisations rely on a complex array of external vendors, technologies and suppliers to achieve their business goals. But these relationships come with inherent risks.
“For insurers, there is an urgent need to pay close attention to single points of failure within digital supply chains. Often, theoretically independent supply chains of unrelated businesses can rely on a handful of leading, specialist providers. An outage at one of these providers could disrupt large swaths of industry.”
The whitepaper, Supply Chain Risk in the Cyber Insurance Market, includes a number of case studies highlighting the impacts on supply chains of various cyber attacks. Each case study lists a number of key lessons learned and discusses how losses can be modelled for the threat in question. It also addresses regulatory approaches to cyber modelling and answers points raised by the Prudential Regulatory Authority’s Insurance Stress Test exercise.
Jon Laux, CyberCube’s vice-president of analytics, commented: “While single points of failure cannot be eliminated from re/insurers’ portfolios, understanding their concentration is critical to managing risk accumulations and minimising cyber catastrophe loss potential.
“Those organisations and their brokers that can articulate clearly what their supply chain risk is and measures adopted to mitigate that risk will be in a better position to source cyber insurance cover at the levels required. Overall, any organisation that has a good understanding of their supply chain risk and how this risk may affect their business will improve their operational resilience and reduce threats to the continuity of trade.”
The IUA’s Cyber Underwriting Group was established in 2014 to provide a forum for underwriters offering specialist cyber risk coverage in the London company market. Click here to download the Supply Chain Risk in the Cyber Insurance Market whitepaper.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE