The above overview makes it necessary for the government to roll out an extensive cyber security policy and a dispute resolution mechanism for such crimes. To meet present needs, in which the interests of both the customer and the banks have to be protected, this can be done through responsive corporate governance on cyber security issues and a penetration test whereby the bank assesses its vulnerability, together with an impact assessment in case of a breach. The institutional policy must plan for a minimum of three years ahead and must include methods by which the customer is also made aware of the risks.
Meanwhile, a short-term, need-based strategy must be evolved, as the measures advised above can see the light of day only after a few years and a lot of trial and error. One such strategy, by which banks could be shielded from liability for such ever more sophisticated cyber-attacks, is a holistic approach to cyber risk management: developing a cyber policy for banking businesses in which the risk is periodically assessed and a personalized, custom-made insurance policy is bought by the bank according to its risk profile, so that first-party losses such as business interruption, restoration of devices and crisis communication costs, and third-party losses, including data breaches, network interruption and notification expenses, are met. Since the hosts of cyber-attacks are often unknown, it becomes difficult to determine liability, and many times the host is beyond our geographical borders, so that extraterritorial law applies, which further delays the resolution of damages. If Indian banks adopt this, it will help their businesses and the economy to develop a robust risk management culture and cyber maturity. This raises another question: whether any devices already exist within the system that protect banks from such liability and, if not, what the rationale is behind the organizations’ inability to accept this novel precaution.
Nuances of cyber security insurance and its need
Cyber security issues have a multiplying future, so, knowing this, we must not only acknowledge the matter but decide to react proactively before being victimized, and the only one-stop
Published in Articles section of www.manupatra.com
Bharati Law Review, April – June, 2017 17
solution to address the matter in the current set of facts is cyber security insurance. Before banks buy such products, the cyber insurance market in India needs to develop policies that meet the demands of Indian financial institutions. This may lead to cyber hygiene. Currently, a couple of general insurance companies offer cyber security insurance in India (HDFC Ergo, Tata AIG and ICICI Lombard), and their yearly premium amount is too high. Eventually this keeps mid-sized and small institutions away, creating a fragile cyber ecosystem. This is where regulators have to intervene and possibly create a public-private partnership and develop cyber insurance products that are overreaching. In addition to this, the changing market requirements and the pace at which market operations are expanding, keeping up with them, and meeting the regulatory targets and policy targets of the bank and the Reserve Bank of India are all challenges which inhibit a bank from developing a cyber security strategy. Banks do their bit by making significant investments in state-of-the-art security technologies, including high-grade encryption, multi-factor authentication (including voice biometrics), secure coding platforms, data leakage prevention systems and digital rights management solutions, in order to safeguard customer data,7 but this still falls short because it involves more than just one bank. The market is interconnected and interdependent, which requires an organized and feasible response to this global challenge. Banks have to be motivated to adopt such policies as part of their system, not through mere extrinsic pressure from the regulator to adopt them out of compulsion, but by being made aware of the consequences, or what is at stake, when a cyber security breach occurs and the customers' data becomes vulnerable and the company’s model becomes public: financial and reputational risk, privacy breach, loss of business, the costs of such a privacy breach to financial interests, loss of client confidence, the costs of cleaning up the system, and damage to the brand and reputation.
Cyber security insurance, being a tool to transfer liability and risk, must be such that it covers not only the insured liability but also third-party rights. As of today, these policies generally give the following coverage:
7 DNA. (2017). What’s cyber insurance and why you'll need it | Latest News & Updates at Daily News & Analysis. [online] Available at: http://www.dnaindia.com/money/report-what-s-cyber-liablity-insurance-andwhy-you-may-need-it-2136556 [Accessed 24 Jan. 2017].
Data breach/privacy crisis management cover. For example, expenses associated with the management of an incident, the investigation, the remediation, data subject notification, call management, credit checking for data subjects, legal costs, court attendance and regulatory fines.
Multimedia/media liability cover. Third-party damages covered can include specific defacement of a website and intellectual property rights infringement.
Extortion liability cover. Typically, losses due to a threat of extortion and professional fees associated with handling the extortion.
Network security liability. Third-party damages as a result of denial of access, costs associated with data on third-party suppliers and costs associated with the theft of information on third-party systems.
These areas are not absolute but ever evolving. This must be highlighted, and banks should be made aware that their traditional insurance (e.g., commercial general liability and D&O) will likely fail to cover the quantum of liability that a cyber breach can give rise to. Some coverage may also be found in a bank's financial institution bond or D&O (Directors & Officers Liability) policies, but these are insufficient.
The mere purchase of such a policy is not an end in itself. Banking companies first have to develop a cyber security preparedness assessment and a checklist of what the company's cyber profile is; the kinds of risks and losses, their limits, and the extent of banking operations must be assessed, to make sure that they go for a policy which meets the needs of the company, as the ultimate aim is to reduce the bank's liability in case of a breach with less damage to reputation.8
Along with this, techno-legal compliance requirements customized for India have to be developed by the regulator (RBI), along with the list of potential cyber risks, followed by a techno-legal vetting that takes into account the regulator's requirements, the company's cyber profile and economic feasibility before signing the policy. An improper cyber insurance policy that doesn't cover the cyber risks entirely and leaves scope for ambiguity and legal complications while claiming the insured