Titled Closing the Cyber Risk Protection Gap, the report stresses the importance of innovative solutions to address the widening gap between cyber risks and insurance coverage, particularly for small and medium-sized businesses that are often uninsured or underinsured.
As cyber threats evolve rapidly, traditional insurance and risk management solutions struggle to keep pace. The whitepaper cites mass malware and cloud outages as examples of cyber incidents that are currently insurable to a limited extent, while events such as critical infrastructure failure remain largely uninsurable.
John Doyle, President & CEO of Marsh McLennan, commented: “The growing threat of cyber risks demands collective action to close the protection gap. The insurance industry and public sector must collaborate to better understand the spectrum of insurable and uninsurable cyber events. Together, we can develop innovative solutions and establish robust public-private partnerships to protect society and the economy from potentially catastrophic cyber events.”
Mario Greco, Group CEO of Zurich Insurance Group, added: “Cyberattacks pose a serious risk to societal and economic stability. While insurers can offer some protection, large-scale cyber events present substantial risks that the private sector cannot bear alone. Strong public-private partnerships are essential to enhancing cyber resilience and addressing the protection gap.”
The whitepaper calls for the establishment of a common framework for data sharing and collaboration between the insurance industry and the public sector. It suggests that robust incentives, alternative strategies to regulation, and methods for measuring and managing catastrophic cyber risk could help sustain the broader economy and enable the insurance market to provide more comprehensive protection against severe financial risks.