BMA wants insurers to boost cyberdefences
All Bermudian-based insurance companies could soon be required to report cyber events that affect their operations to the Bermuda Monetary Authority.
The potential vulnerability of insurance companies to such attacks has been investigated by the regulator.
The BMA has identified areas of concern in its Bermuda Insurance Sector Operational Cyber Risk Management 2019 report, and said operational cyber-risk is a “critical risk” and that it expects directors of insurance companies to ensure “prudent policies, procedures and controls are in place” with regards to cyber-risk.
The regulator said a growing number of Bermudian-registered insurance companies have improved their resilience to cyber attacks. However, it has identified areas that need further improvement, including board-approved operational cyber-risk strategy and policy, and “tabletop testing” of security incident response plans.
The BMA said 77 per cent of commercial insurers have operational cyber-risk insurance in place, however, a “lower than expected” 68 per cent reported having the best practice “three lines of defence” model in place — the lines of defence being operational control owner, risk function, and audit.
In addition, the BMA found that only 66 per cent of commercial insurers reported having data loss prevention controls in place. It said: “This is a lower percentage than expected; incidents resulting in data breach often lead to both financial loss and reputational damage.”
The regulator is currently consulting for the introduction of an Operational Cyber Risk Management Code of Conduct to be applied to all insurance entities. It will set out the BMA’s expectations for companies to demonstrate prudent cyber-risk management process and technical controls.
The code is expected to come into effect in January 2021, with enforcement starting six months later.
The BMA said it is also looking to introduce a cyber-reporting event requirement for all insurance companies as part of its legislative agenda for this year.
Positive Covid-19 tests up to 27
Arrests made after restaurant burglary
Woman cyclist injured in crash
Social-distancing impacts wedding industry
Seniors reflect on Covid-19 pandemic
Get in tune with your whole body
Burt to residents: do your part
A mother’s concern over enforced separation
Wake up and pay attention!
Caines: curfew will keep us safe
Bermudians abroad managing the new normal
Limit on imported medical cannabis increased
Take Our Poll