Is data at risk as it moves between London Market participants?
The traditional model of a highly interconnected London insurance market is likely to remain intact, albeit in a more modernised and digitised format. Cyber threat will continue to pose one of our greatest challenges (and business opportunities).
As market participants move to address these areas, questions are starting to be raised about the data that is critical to your business once it is passed to your partners and third parties. It is an unusually collaborative and interconnected market with delegated authorities, brokers, carrier, re-insurers, central services, 3rd party service providers, etc. all potentially being part of the chain to provide a policy and handle a claim.
What if an insurer suffers a data breach, losing insured’s personal information that the insurer received from their broker partners? The broker will have some liability under the GDPR, as well as the reputational damage to deal with, despite perhaps having robust data protection, policies and processes in place within their organisation.
Best practice is to ensure your partners and 3rd parties have appropriate data protection measures in place. Engage with them (perhaps backed by a check-list questionnaire) to work through the current processes and protection measures in place, highlight any areas of risk or changes needed and put in place documented evidence of the measures that have been taken.
It is difficult/impossible to be perfect in this regard. Information has to be shared, open collaboration between market participants needs to continue and businesses will, of course, want to avoid data protection measures adversely hindering the competitive process of writing insurance in the market.
Also, as we know, cyber threat does not stand still – it is a fast-moving (often invisible) target. The documented checks and balances you put in place with your partners and 3rd parties can very quickly be rendered obsolete by advances in cyber threat. The issue is compounded for the London Market due to the multiple parties involved in the insurance process.
Northdoor can provide a constant, automated cyber risk assessment for your organisation, your partners and 3rd parties, so you can understand your end-to-end cyber risk exposure in real time. We can support the ongoing secure conduct of your business and management of cyber risk across the market.
Using powerful machine learning to map your company’s ecosystem, we can determine the 360° cyber risk rating score and posture of multiple degrees of relationships to your company. Clear, informative dashboards show executives the risk position in real time, helping them make informed and measurable business risk decisions.