The most fundamental problem of our age is undoubtedly ensuring our digital security. Our mobile phones, computers and the internet, which are indispensable for each of us, both open the doors of the world to us and make us vulnerable to cyber attacks.
According to global research reports, cyber attacks and business interruptions came to the fore as the biggest risks worldwide, especially during the pandemic process. In 2019, the annual damage caused by cyber security attacks worldwide was 3 trillion dollars. By the end of 2022, when Covid-19 has still not lost its effect, the total cost of losses due to cyber attacks reached 6 trillion dollars annually.
It is predicted that this figure will reach 10.5 trillion dollars per year by 2025. Unfortunately, Turkey also had its share of this risk. Sharing the data obtained from the WatchGuard Threat Laboratory, IBS Insurance and Reinsurance Brokerage CEO Murat Çiftçi pointed out that there were 627 thousand 31 malware attacks in Turkey in 2021.
“More likely than fire”
According to Çiftçi, the risk of being subjected to a cyber attack is now even greater than the possibility of a fire in the workplace… For this reason, Murat Çiftçi, who explains that as IBS, they have moved away from the traditional cyber security insurance title and created coverage structures compatible with the target sector, lists the guarantees provided by this insurance as follows ; “We cover compensation claims that may be incurred directly by the insured or made by third parties as a result of a cyber incident.
We also include consultancy costs to investigate the incident in detail and protect the company’s reputation after the attack. Compensation claims and defense expenses that may be reflected on the insured as a result of defamation, copyright, title, slogan, trade name or trademark violation or violation of privacy rights as a result of a cyber incident on the insured’s website or social media accounts are also subject to the coverage. In addition, expenses such as the ransom requested from the insured and restoring the data and software lost after the cyber incident to a better state than before the incident may also be included in the scope.
“Work interruption as a result of partial or complete disabling of computer systems, compensation claims from third parties due to violation of the confidentiality of personal data and security information, and fines that may be reflected on the insured due to violation of the personal data protection law are also among the guarantees.”
“We are positioned as risk managers”
Aon Turkey Co-CEO Ferhan Özay says that in cyber risk insurance, insurance companies position themselves as a risk manager rather than a cash payer to compensate for the damage. Stating that cyber risk policies start to work with the introduction of emergency response coverage in the event of a cyber incident, Özay said, “IT forensic experts, directed by the insurance company, aim to determine the extent of the damage and in which direction it will evolve when intervening in the cyber incident.
The extent of data loss and the reality of ransom demands are measured and necessary practices for security are put into effect. Ransom payment is also considered within the scope depending on the policy limits. “There are also guarantees offered for loss of profit, recovery of lost data, compensation for damage, compensation claims from third parties, legal expenses and administrative fines, and even public relations activities aimed at compensating the reputation of the institution,” he said.