The Association of British Insurers (ABI) has called for the creation of a national database of cyber incidents occurring at businesses, a world-first initiative that will make the UK the global leader in cyber insurance.
The ABI said the proposed database would record details of cyber attacks including business interruption losses, ransom demands, loss of confidential data and damage to IT systems.
“Cyber losses are the biggest threat to Britain’s world leading digital economy, and we need to capture more data to get on top of the problem,” said ABI Director General Huw Evans.
“We have 350 years of fire data and 100 years of motor and aviation data, but we have just a few years of cyber data. But cyber is the biggest insurable risk that the industry will have to meet, and it is critical to the economy,” he added.
According to the ABI, an anonymised central database of cyber incidents would help tackle the lack of data, enabling insurers to properly price cyber risks. A national database accessible to insurers would also be a world first, the organisation said.
“If it is not a requirement to report these losses, then insurers are not going to have the data they need to provide the right cover,” Evans said. “It would have to be mandated by Parliament, but it would need to be proportionate and manageable.”
The ABI said a national database of cyber incidents can also put the UK at the forefront of the US$20bn global market of cyber insurance.
Evans lamented that the lack of data is a “huge inhibitor” to the UK being at the heart of the cyber market.
“Nothing hinders the growth of an insurance market more than a lack of data. More data can help stimulate the cyber insurance market, giving greater choice to businesses in insuring against cyber losses,” he said.