Canadian Underwriter

Engineering insurers’ working group calls for ‘greater risk dialogue’ on cyber threats

October 4, 2016   by Canadian Underwriter

Print this page Share

Cyber insurance coverage “should not replace” information technology security measures, and cyber risk can have an effect across engineering projects, the International Association of Engineering Insurers (IMIA) warned Tuesday.

Cyber security concept with lock“The perception that cyber events do not cause physical damage is being challenged,” stated Alexander Schmidl, the chair of an IMIA working group, in a release. “Such damage from cyber risks is a reality and is an issue for all lines of engineering insurance.”

IMIA is holding its conference in Doha, Qatar. The conference – which finishes Oct. 5 – is sponsored by Qatar Central Bank and hosted by Qatar General Insurance and Reinsurance Company (QGIRCO).

In addition to cyber and war and terrorism risks, delegates to the conference “will be discussing cost overrun and project financing, natural catastrophe modelling and the latest developments in boiler technology,” IMIA stated.

“The insurance industry is making important strides with insurers and brokers offering targeted cyber risk consulting and tailored solutions,” stated Schmidl. “But there needs to be greater risk dialogue and analysis of the threat as part of the risk management process. Keeping risk management at a strategic level is key as a cyber insurance solution should not replace solid IT security standards.”

The IMIA specialist working group reported to IMIA members at the conference. The working group was established “to identify the challenges from cyber risks and how they apply to engineering insurance lines.”

The conference “provides a forum for sharing current knowledge and best practice affecting the sector developed by the Association’s expert working groups,” IMIA noted.

The IMIA working group “highlighted the challenges inherent in the pricing of engineering insurance in relation to cyber threats,” IMIA reported.

“Traditional engineering lines pricing is usually retrospectively derived from loss and exposure data covering areas such as loss frequency, exposure data and the severity and distribution of losses,” Schmidl stated. “To create an effective cyber pricing model for engineering lines will required increased focus on collating cyber loss data in all these areas.”