The chief executive of one of Europe’s largest insurance companies has warned that cyber attacks, rather than natural disasters, will become “uninsurable” as the hacks continue.
Insurance regulators have become increasingly vocal in recent years about natural disasters, such as disease and climate change, for example. have the ability of the group to issue the insurance. For the second year in a row, natural disaster-related costs are expected to exceed $100bn.
But Mario Greco, CEO of Zurich insurance, told the Financial Times that cyber is the risk to watch.
“What is going to be uninsurable is going to be cyber,” he said. “But what if one important part of our infrastructure is controlled, the implications of that?”
Recent attacks have disrupted hospitals, close the pipe and the relevant government departments have all fed concerns about this increased risk among business entities.
Focusing on the risk of individuals missing the big picture, Greco added: “First, there must be an idea that is not just information . . . this is about the government. These people can really disrupt our lives.”
Many of the losses on the Internet in recent years have been caused by this interventional procedures by the group’s investors to limit their exposure. In addition to the increase in prices, some insurers have responded by adjusting policies to keep the losses high.
There are exceptions written into the policy for certain types of attacks. In 2019, Zurich initially rejected a $100 million payment from food company Mondelez, arising out of the NotPetya attack, on the basis that the policy does not include “critical activity”. Later both sides were settled.
In September, Lloyd’s of London protected a move to limit the risk of cyber attacks by requiring insurance policies written in the market to have an exception for state attacks.
At the time, a senior Lloyd’s official said the move was “reasonable” and better than waiting until “after everything went wrong.” But the difficulty of identifying those behind the attacks and their networks makes such exemptions mandatory, and cyber experts have warned that rising costs and more exemptions will can stop people buying any security.
Greco said there is a limit to how much the private sector can use, in terms of justifying all the losses that come from cyber attacks. He called on governments to “set up private-public plans to deal with immeasurable cyber risks, similar to what some authorities have for earthquakes or terrorist attacks”.
In September, the U.S. government called for comments on whether the federal government’s online insurance response system, which could be part of, or outside of, its insurance program. of the independent government for terrorism.
A report from the US Government Accountability Office in June revealed the possibility of unexpected cyber attacks on other network companies. It said examples like the Colonial Pipeline hack, which caused temporary gasoline shortages in the southeastern US, showed “the potential for a single cyber attack to blow up serious developments and dangerous incidents”.
Greco also praised the US government’s efforts to stop paying the price. “If you stop paying the prices, there will be fewer attacks.”