Follow Us

Follow us on Twitter  Follow us on LinkedIn
 

19 February 2018

Commercial Risk Europe: Losses and GDPR drive demand for cyber cover in France


Demand for cyber insurance is growing in France, boosted by large cyberattacks and changing regulation. But French corporate insurance buyers continue to have concerns around ‘silent cyber’ and claims.

The ransomware and virus attacks of WannaCry and NotPetya saw a number of large claims against insurers in France, according to Lucien Mounier, a cyber underwriter in Lloyd’s insurer Beazley’s Paris office. In fact, last year’s attacks contributed towards a trend of increasing cyber insurance claims in France, especially first-party and business interruption losses, he says.

Ransomware attacks were not the only source of claims. Extortion-related DDoS and data theft also caused notable losses, according to Mr Mounier. Worldwide, ransomware claims have quadrupled in recent years, while social engineering claims for professional services firms are up nine-fold, according to Beazley’s global statistics.

To date, the majority of cyber insurance claims in France are for business interruption, ransomware and first-party costs, according to Mr Pierro, senior underwriter for financial lines in France at XL Catlin. Unlike the US, where data breaches have dominated the market, privacy claims have not been a feature of cyber claims in the country.

France has lacked the notification requirements in the US, but this will change when the EU General Data Protection Regulation (GDPR) is implemented in May, says Mr Pierro. For now, French companies are typically more concerned about cyber business interruption losses, explains Mr Bayon de la Tour, Paris-based cyber development leader in continental Europe for Marsh.

“When discussing cyber and IT risks with clients, they are most concerned [about] business interruption. And they are right. Business interruption is the main issue and this is evidenced by claims. However, this may change with the GDPR. We are likely to see more data breach notifications, which will be more costly under the new requirements,” he says.

Demand for cyber insurance in France has increased markedly ahead of the GDPR and following the series of large cyberattacks in 2017, according to Laure Zicry, head of cyber for western Europe at Gras Savoye Willis Towers Watson.

“The GDPR is driving more interest as companies look to cyber insurance to mitigate the risks and cover legal and notification requirements of the GDPR. We have won a number of large tenders in recent months for companies that want to have cover in place for the May implementation deadline,” says Ms Zicry.

The GDPR is lifting cyber insurance penetration rates among large companies in France, according to Ms Zicry. Willis has been placing cyber insurance for a number of large French firms. Ms Zicry believes the cyber insurance penetration rate for CAC 40 companies has increase from 40% at the start of 2017.

Large losses, like the WannaCry and NotPetya attacks in 2017, have also helped demonstrate the value of cyber insurance, according to Ms Zicry.

Full article on Commercial Risk (subscription required)



© Commercial Risk Europe


< Next Previous >
Key
 Hover over the blue highlighted text to view the acronym meaning
Hover over these icons for more information



Add new comment