The ICO is looking again for a cyber risk insurer after a first failed attempt and with the same budget

And he has done it with the same conditions as on the first occasion. The budget kept by the ICO to finance the coverage of this service for next year is 99.800 euros, the same amount that you put as a limit in the previous attempt. The ICO expects the offers to reach it throughout this week.

With this type of insurance, the ICO seeks to protect itself against potential losses caused by cyberattacks, cybersecurity breaches or identity theft, either due to activity interruption, possible fines or hypothetical customer claims for privacy violations, among others.

José Carlos García de Quevedo, president of the ICO, and Arturo Criado, editor-in-chief of Invertia.

José Carlos García de Quevedo, president of the ICO, and Arturo Criado, editor-in-chief of Invertia.

He hopes, thus, to have better luck than last July, when he had to declare the contest void on his first attempt. After three years in which the insurer AIG Europe had been offering this service (in the last two, even, being the only company that submitted an offer), this time he did not receive an offer, not even from this company.

Industry sources reason that the contest was deserted because cyber risks are relatively new and have a high accident rate which, in fact, is on the rise. This issue requires a very important technical development.

High accident rate

“The accident rate is beginning to be seen and is high,” explain these sources to EL ESPAÑOL-Invertia, so the technical areas of insurance companies are finding it difficult to design a product that is profitable for them. Some directly only offer this type of insurance to small businesses.

However, the need for the financial sector to protect itself against cyber risks is increasing. This has been made clear on several occasions by the supervisors and, precisely, the Basel Committee.

“Cyber ​​threats and incidents such as attacks by ransomware have emerged as a growing concern for the banking sector in recent years, posing risks to the safety and soundness of individual banks and the stability of the financial sector, “the Committee stated, adding that these concerns “have intensified” after the arrival of Covid-19.

In fact, according to the Global Risk Report of the Global Economic Forum, cyberattacks currently represent the seventh most likely risk and the eighth with the most impact. “Operational technologies are at increasing risk because cyberattacks could cause more traditional, kinetic impacts as technology spreads to the physical world,” the report added.

Criteria of acceptance

The contract now republished by the ICO contemplates that the minimum compensation limit to which the insurer must commit per claim is five million euros, although another may be established sublimate for losses arising from an event of ransomware, according to the specifications of the contract.

The possibility of increasing the limit, as well as offering the aforementioned sublimate They give points to be the chosen insurer, although the most important criterion to win the contest is the economic offer (40 points).

As part of the sector, concern about cybersecurity also hangs over the ICO, which has become a key player in managing the pandemic crisis. He has been in charge of managing, together with the bank, 140 billion in State guarantees made available by the Government so that credit flows to the companies hardest hit by the sanitary restrictions that were put in place after the arrival of Covid-19.

Leave a Comment