General Insurance Article - No one size fits all approach works for cyber resilience


Insurance Europe has published its response to a consultation by the European Commission on its proposal for a digital operational resilience framework for financial services.

 While welcoming efforts to increase resilience in the financial sector, Insurance Europe stressed that cyber risks faced by companies differ greatly from one industry to another. As such, a one-size-fits-all approach to the entire financial sector will not succeed.

 The Commission should engage in a fact-finding exercise to identify areas where the framework could add value, taking due account of the various needs of different financial services industries. This exercise should also take account of the many existing national initiatives that aim to enhance cyber and information security in financial services companies.

 Importantly, any measures to increase cyber resilience must be proportionate, not only to the type, size or financial profile of a company, but also to the risks it is exposed to and the systems and services that need to be protected and maintained. A risk-based approach to cyber resilience, distinguishing between critical and less critical functions, is therefore required.

 Finally, in order to avoid regulatory duplication and/or overload, care needs to be taken to ensure that the Commission’s work is carried out in close coordination with similar initiatives, such as EIOPA’s guidelines on outsourcing to cloud service providers and its draft guidelines on ICT security and governance.

Back to Index


Similar News to this Story

Cyber Insurance is next big product for commercial brokers
UK brokers believe that cyber insurance is the new or emerging commercial insurance product with the most growth potential. Significantly low cyber in
Davies names Richard Barke as CEO of Insurance Solutions
Davies, the leading specialist professional services and technology firm serving insurance and highly regulated markets, has announced the promotion o
Incident response planning is a key cybersecurity control
Despite being focused on post-breach activities, cyber incident response planning has emerged as a key cybersecurity control in reducing an organizati

Site Search

Exact   Any  

Latest Actuarial Jobs

Actuarial Login

Email
Password
 Jobseeker    Client
Reminder Logon

APA Sponsors

Actuarial Jobs & News Feeds

Jobs RSS News RSS

WikiActuary

Be the first to contribute to our definitive actuarial reference forum. Built by actuaries for actuaries.