Insurer hopes to snare share of cyber risk market as exposures increase.

XL Catlin has launched a cyber and data protection insurance policy in Asia Pacific, claiming it provides “broad cyber coverage” for businesses.

As cyber risk continues to grab the attention of Asia-Pacific’s risk mangers, the insurer claimed there are increasing exposures being faced from a malicious network compromise and data breach.

The product covers business interruption arising from a network compromise, associated extortion demands and first party incident response costs such as notification of the compromise of the network, forensic investigations and public relations support.

 The policy also covers third-party liability costs that organisations face as a result of a data breach, including any regulatory investigation or contractual liability associated with the Payment Card Industry Data Security Standard.

Additionally, it offers coverage for liability associated with media exposures such as copyright infringement, trademark infringement, invasion of privacy and false advertising, in both offline and online content as well as social media.

“Our cyber and data protection insurance policy offers companies the broad cyber coverage they need,” said Timothy Powell, regional manager, international financial lines for XL Catlin’s insurance business in Asia-Pacific.

“As technology and digital connectivity evolve, companies are finding themselves exposed to new and more sophisticated cyber attacks.”

Powell said no company is fully secure, no matter how superior its cyber defence mechanisms are. “They must proactively embed cyber risk management in their strategies and operations to combat the unrelenting threat of cyber attacks,” he added.

David Guest, country manager for Singapore at XL Catlin said the rapidly changing legal environment in Asia-Pacific around cyber security is driving the need for organisations to look at their exposures to cyber-crimes and data compromises.

“Many countries across Asia, including China, Japan, Malaysia, South Korea and Taiwan have recently stepped up their approach, by introducing new laws or implementing more exacting standards for data and network protection,” said Guest.

Robin Johnson, country manager for Australia at XL Catlin, said: “Australia has just passed a new law in February this year requiring the mandatory notification of a data breach, and companies need to comply with this new Act within 12 months.

“While Singapore and Hong Kong have mature cyber and data protection regulatory frameworks in place, these two countries are also considering similar provisions in the near future. 

“With increasingly stringent regulations as well as the financial and reputational fall-out of a cyber incident, companies need to have a robust risk management strategy,” added Johnson.