Multinational insurer
AIG called on data-intensive businesses in the Philippines, such as banks and business outsourcing firms, to re-evaluate their cybersecurity systems as well as ensure they have adequate cyber insurance.
“As cyberattacks increase in frequency and severity, it’s not a matter of if a breach in the company’s operations will occur, but when,” said Mark Lwin, AIG Philippines Insurance and AIG Shared Services president and CEO, in a press statement.
“Cyber insurance is a risk transfer option which needs to be part of the overall risk management strategy for any company using digital platforms or handling large amounts of personal data,” he continued. “In reality, that means just about every country interacting with customers in the 21st century.”
AIG emphasised that Asia’s cyberspace is riskier and has more threats than the West’s, citing a security report from
Marsh & McLennan’s Asia Pacific Risk Centre.
The Philippines’ Insurance Commission recognised the threat and told the market’s general insurers to come up with products to meet the demand for cyber protection, AIG said.
The enactment of the Data Privacy Act in 2012 has made companies aware of their responsibilities when it comes to taking care of sensitive customer data.
In 2013, AIG launched its cyber insurance policy, CyberEdge, which covers regulatory, as well as bodily injury and property damage arising from cyberattacks.
“Before introducing CyberEdge to the Philippine market, our clients asked us to provide only a small coverage for their liability on the data that was in their custody and control,” Leilani Isidro, AIG Philippines head of liability and financial lines, told the Manila Times.
“Because there was no law which mandated companies to implement certain data protection standards, it was difficult for them to imagine that they could be held accountable if their data was misused or even stolen through a cyberattack.”
Related stories:
Yahoo cyberattack surpasses predictions
AIG sets aside US$2.5 billion for key market
Lagging market must catch up on cyber insurance, says regulator