A working group of insurance regulator IRDAI on Cyber Liability Insurance has highlighted the significance of the cover for individuals and recommended for creation of more awareness of such products, making policy wordings and claim process easier and permitting bundling of cyber cover with package policies.
In its report on Individual Cyber Insurance, the Working Group said cyber insurance policies currently available address requirements of individuals reasonably well. However, there are some areas in the product features and processes which need improvement. Figuring in the recommendations of the working group, whose members were drawn from among senior officials of public and private insurers, experts and IRDAI officials, was one advising insurers to not insist on police FIR (First Information Report) for claims upto ₹ 5,000. “FIR is a critical requirement to assess claims and hence can’t be fully dispensed with. However for small claims up to ₹ 5,000, insurers may build flexibility with regard to this requirement,” the report said.
Other recommendations include clarity in exclusion language relating to compliance with reasonable practices and precautions and need for coverage for bricking costs. Bricking refers to a loss of use or functionality of hardware as a result of a cyber event, the report said. Noting that cyber insurance covers cannot be static as the risks are not static, the working group, which submitted its report in two parts, said “it is necessary that as the market evolves in response to the emerging needs, the scope of the cyber policy needs to be enhanced.”
On standardisation of cyber insurance policy, the Working Group said though it seems to be a good idea, there were many challenges too. “Cyber insurance is a response mechanism to cyber risks. Cyber risks are dynamic and evolving. Standardisation may not be able to address all the emerging risks and is likely to limit innovation. Being a relatively new product, cyber insurance calls for flexibility for gaining traction.” Insurers, however, can build in certain minimum covers as a part of individual cyber insurance to facilitate better understanding in the market. A model policy wording, conceptualised by the Working Group, can be considered by the insurers as a reference point to provide minimum basic coverage.