A R T I C L E S                                                                                                                                      77






















          Protecting Against Cyber


          Risks, Reducing Cyber


          Impacts, and Addressing


          the Cyber Protection Gap



       Cyber risks are growing in frequency, severity and variety, and insurers  The Global Federation of Insurance Associations (GFIA) explored the
       and governments are thinking about how to address related protection  implications of the cyber protection gap in its 2023 report Global Protection   M. Robert Neill
       gaps.  The  increasing  presence  of  technology  and  exponential  use  of  Gaps and Recommendations for Filling Them.  GFIA defines the cyber   Vice-président, Chargé des
       data in almost all aspects of life is a global phenomenon. While advances  protection gap as the difference between the total economic exposure of   Affaires Internationales, et
       in technology create many opportunities they also significantly increase  first-order losses from cyber-attacks (e.g., damaged industrial facilities,   Conseiller Juridique
       exposure to cyber risks.                                          bodily  injury,  software  replacement  and  ransom  payments)  and  the   American Property and
                                                                                                                                              Casualty Insurance
                                                                         losses currently covered (approximated with the global premium volume
                                                                                                                                              Association (APCIA)
       The number, severity and types of cyber-attacks have grown globally.  for cyber insurance). Second-order losses that are frequently observed,
       Insurers and other private and public stakeholders are working to address  indirect consequence of cyber-attacks (e.g., reputational damage) are
       the  increasing  need  for  cybersecurity  and  related  financial  protection.  difficult to quantify and are not included to ensure comparability with the
       However,  the  market  is  still  relatively  nascent,  especially  in  terms  of  other protection gaps. The United States is the largest cyber insurance
       the  evolving  regulatory  environment  and  the  developing  awareness  market, accounting for roughly 70% of global cyber gross written premium
       of cybersecurity and prevention measures and in terms of the rapidly  (GWP).
       evolving nature of both the technological landscape and the nature of
       the threats, for example the emergence of ransomware attacks in recent  Although  increased  loss  ratios  in  recent  years  have  made  insurers
       years.                                                            reconsider their cyber underwriting policies and risk appetite, the supply