XL Catlin launches cyber insurance in Asia-Pacific

Bermuda-based insurer XL Catlin has unveiled a cyber and data protection insurance policy for Asia-Pacific.

The policy covers business interruption and associated extortion demands arising from a network compromise, as well as both the first-party incident response costs and third-party liability.

The first-party costs include notification, forensic investigation and public relations support, while the potential liability covered under the policy includes legal action from any clients regarding data breaches possible regulatory action.

It also offers coverage for liability associated with media exposures such as copyright infringement, trademark infringement, invasion of privacy and false advertising, in both offline and online content as well as social media.

The launch comes as cyber risk continues to be recognised as a growing concern and a top ten emerging exposure around the globe.

However, whereas the US still dominates the market in terms of cyber insurance adoption, there is still a relatively low level of adoption among Asia-Pacific businesses.

“We know there is a real need for this policy across Asia-Pacific because as technology and digital connectivity evolve, companies are finding themselves exposed to new and more sophisticated cyber attacks,” said Timothy Powell, regional manager, international financial lines for XL Catlin’s insurance business in Asia-Pacific.

“No company is fully secure, no matter how superior its cyber defence mechanisms are. They must proactively embed cyber risk management in their strategies and operations to combat the unrelenting threat of cyber attacks,” added Mr Powell.

A report by Juniper Research estimates that the global cost of data breaches will have quadrupled between 2015 and 2019, to $2.1trn. Plus there is a rapidly changing legal environment in Asia-Pacific, driving the need for companies to look more closely at their cyber exposures, said David Guest, country manager for Singapore, insurance.

“Many countries across Asia, including China, Japan, Malaysia, South Korea and Taiwan have recently stepped up their approach, by introducing new laws or implementing more exacting standards for data and network protection,” he said.

For example, Australia passed a new law in February this year requiring the mandatory notification of a data breach, and companies need to comply with this new Act within 12 months. Singapore and Hong Kong, two countries with relatively mature cyber and data protection regulatory frameworks in place, are considering similar provisions.

“With increasingly stringent regulations as well as the financial and reputational fall-out of a cyber incident, companies need to have a robust risk management strategy and the right insurance solution to protect themselves against cyber risks,” said Robin Johnson, XL Catlin’s country manager for Australia.

Back to top button