If a company can’t be bothered to protect its IT, why should insurers pay out when the cybercrooks come calling?
Mario Greco, CEO of one of Europe’s largest insurers, Zurich, has warned in an article in the Financial Times that risks arising from cyberattacks on companies are increasingly uninsurable, and pose a far greater risk to the industry than natural catastrophes.
Greco’s warning makes a lot of sense. Natural catastrophes, in an era when the insistence of many on doing nothing to alleviate the climate emergency is making them more frequent and intense, have cost more than $100 billion for the second year in a row, but the real danger facing the industry comes from cyber-attacks that target particularly sensitive parts of infrastructure, what Greco considers nothing less than “attacks on civilization.”
Cyberattacks that shut down hospitals, against electrical distribution infrastructure that cause blackouts, against oil pipelines or against entire government departments, can result in damage that is impossible to cover. And the worst thing, moreover, is that we are talking about destruction that, in most cases is relatively simple to prevent, or at least to hinder. It is basically like trying to insure a monkey when you give him a loaded gun with the safety catch off: you know perfectly well that sooner or later he is going to cause…
