Nos derniers articles

This study on the insurance sector’s digital transformation highlights a paradox: adopting technologies like cloud computing, AI, and IoT enhances efficiency but increases cybersecurity risks. A survey of 150 professionals and interviews with 15 executives show a strong correlation (r = .78, p < .01) between digital technology use and security incidents, with phishing (88%), cloud misconfigurations (45%), and IoT vulnerabilities (25%) prevalent. Traditional defenses score high (e.g., network perimeter: 4.1/5), but IoT and software supply chain security lag (2.4–2.7/5). Cyber insurance now uses dynamic risk assessments, with 90% of underwriters employing external security ratings and 75% applying surcharges for high-risk technologies.

The paper 𝙏𝙝𝙚 𝙍𝙚𝙜𝙪𝙡𝙖𝙩𝙞𝙤𝙣 𝙤𝙛 𝘿𝙖𝙩𝙖 𝙋𝙧𝙞𝙫𝙖𝙘𝙮 𝙖𝙣𝙙 𝘾𝙮𝙗𝙚𝙧𝙨𝙚𝙘𝙪𝙧𝙞𝙩𝙮 by Jasmin Gider (Tilburg University - Tilburg University School of Economics and Management), Luc Renneboog (Tilburg University - Department of Finance), and Tal Strauss (European Central Bank ECB) compares and contrasts the regulatory landscapes of data privacy and cybersecurity in the EU and the US. It outlines the fragmented nature of US regulations, often relying on state-specific laws and sectoral approaches, in contrast to the EU's more unified framework like 𝗚𝗗𝗣𝗥 and 𝗡𝗜𝗦 Directives. The text details the increasing costs and frequency of cyber incidents, emphasizing the insufficient mandatory disclosure requirements in both regions. Furthermore, it identifies gaps in current legislation and ongoing efforts, such as the 𝗘𝗨'𝘀 𝗖𝘆𝗯𝗲𝗿 𝗥𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲 𝗔𝗰𝘁 and the US.'s 𝗖𝗜𝗥𝗖𝗜𝗔, to enhance 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲 and address underinvestment in 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆.

Despite tech advances, human errors fuel cybersecurity breaches, with 2023 data breach costs averaging $9.48 million. Ineffective education and policies fail to curb threats. This paper, citing executive interviews and research, urges balanced communication to warn users and boost their cybersecurity confidence without causing excessive fear.

Amid growing cyber threats, research on cyber insurance risk has been limited by data constraints. This paper addresses this gap by utilizing overlooked public data from U.S. state Attorneys General, offering insights into the actual scope of cyber insurance risk. The data, derived from mandatory data breach reporting, provides valuable information for pricing, reserving, underwriting, and experience monitoring in the cyber insurance industry.