View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 20, 2023

Pool Re terrorism reinsurance scheme could be extended to cover cyberattacks

The fund which can be used to bail out insurers faced with big terrorism-related bills could be extended.

By Claudia Glover

State-sponsored and war-related cyberattacks could be included in the UK’s terrorism reinsurance scheme to guarantee victims receive payments. Such incidents are often not covered by standard cyber insurance policies, leaving victims out out pocket.

The Treasury is being lobbied to provide support to insurance companies covering cyberattacks (pic: William Barton/Shutterstock)

Insurance industry leaders have reportedly kicked off talks with the Treasury to discuss whether government-backed terrorism emergency fund Pool Re might be tweaked to cover these two types of cyberattack. The Treasury has yet to take a position on the matter, according to the FT, which first reported the talks.

Pool Re, or Pool Reinsurance was founded in 1993 by the UK insurance industry in cooperation with the government, in the wake of the IRA bombing of the Baltic Exchange in 1992. Its members comprise most insurers in the UK. Membership provides a guarantee that the insurance policy for an act of terrorism can be covered regardless of how high the policy may be, thanks to the government’s backing.

Pool Re could cover state-sponsored cyber crime

The insurance industry is struggling to adapt to the growing threat posed to businesses by cybercrime. A rapid increase in the number of incidents has led to growing demand for cyber insurance, but many insurers are not keen to provide policies that could leave them facing a hefty bill.

As such, premiums are on the rise. Research from security company Panaseer shows that 82% of insurers believe that prices will continue to rise for the next two years. “Increasingly sophisticated threat actors and costly ransomware attacks are having the biggest impact on rising premiums,” the report says.

Industry body the Lloyd’s Market Association (LMA) sought to mitigate part of this risk through the drafting of four clauses designed to protect insurance companies from excessive liability. When implemented they exclude coverage of any damage caused by “war or a cyber operation that is carried out in the course of war,” including “retaliatory cyber operations between any specified states,” reads one of the clauses. It goes on to list the countries China, Japan, Russia, France, Germany, America and the UK.

As the cost of breaches mounts, companies are questioning why they aren’t entitled to compensation, but without some sort of government backing from Pool Re or another, the cyber insurance market will not have the means to cover the cost. “They don’t have enough money for everyone. The amount of money necessary to cover the potential clients is too great,” said Andrea Rebora, cybersecurity associate at PwC and a PhD candidate at Kings College London, told Tech Monitor last year. “It’s an absurd amount of money.”

Content from our partners
Sherif Tawfik: The Middle East and Africa are ready to lead on the climate
What to look for in a modern ERP system
How tech leaders can keep energy costs down and meet efficiency goals

If there is a large scale cyber event that effects numerous companies, it may therefore be up to the government to foot the bill, argued Lori Bailey, chief insurance officer at Corvus Insurance:“If there is some sort of large-scale cyber event, could the private sector and the insurance industry withstand that? Ultimately I think it would take something from the public sector in order to manage any kind of large-scale catastrophe,” she said.

Read more: Data and digital transformation budgets hit by cost of cyberattacks

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU