A global cyber security risk could potentially cost the insurance industry multiples of what a nuclear loss would cost, says A.M. Best, in a report.
Recent research indicates that a “total realistic probable maximum loss” for a cyber security risk globally is now about $31 billion, says the Oldwick, New Jersey-based rating agency in its report.
While that is within the reinsurance capacity for a single-event risk of $100.8 billion, it is “well above” that of $4.6 billion for a nuclear loss, says the report, which is dated Nov. 24, but was widely distributed Monday.
“Effective risk management will require a holistic approach where a company's technology, people, and processes diligently work in concert to minimize cyber-security risk” says the report, “A.M. Best's View on Cyber-Security Issues and Insurance Companies.”
The report discusses Best's approach to evaluating cyber security. “A.M. Best expects insurers to provide detailed information on their specific cyber-security insurance policies and through the utilization of various techniques be able to aggregate such exposures and arrive at a potential loss estimate in the foreseeable future,” the report says.
WASHINGTON — Cyber security is “arguably the single most important issue” facing the insurance industry, according the chair of the National Association of Insurance Commissioners' Cybersecurity Task Force.