Fortifying the Digital Future: The Imperative of Cyber Insurance in India’s Corporate Landscape

By Najm Bilgrami

In the expansive digital landscape of India, where virtually every corporation utilizes technology in some capacity, there exists a looming threat that often goes unnoticed, which is cyber risk. The intricate web of cyber vulnerabilities puts corporations at risk, and it’s imperative that we shed light on the importance of cyber insurance in safeguarding the digital future.

At the grassroots level, there exists low awareness of cyber threats among individuals and corporations. Many are unaware of the potential dangers posed by end-of-life technologies, pirated software, missing patches, open ports, and other security risks. These vulnerabilities act as open invitations to malicious actors, paving the way for cyber breaches that can significantly impact corporations.

Compounding the issue is the emergence of  numerous stringent privacy laws globally. India also introduced the Digital Personal Data Protection Act 2023, the country’s first-ever privacy Act aimed at safeguarding the personal data of citizens. It aims to protect individual privacy rights and promote responsible data management practices. The act introduces provisions to regulate the processing of digital personal data and respect individuals’ right to protect their data while recognising the necessity of processing and using such data for lawful purposes and any non-compliance can lead to huge penalties. This Act has provisions around consent of personal data, accuracy of data, storage time limitation, accountability, and other salient features. These regulations necessitate the implementation of robust cybersecurity measures.

In the realm of cybercrime, we are witnessing a paradigm shift. Along with rudimentary attacks, we’re seeing sophisticated adversaries wielding double and triple extortion tactics. The rise of ransomware-as-a-service groups has elevated cyber risk to unprecedented heights, making it the foremost exposure for organizations today. Recently, one of the market leaders in India’s audio product industry suffered a massive data breach with around 2 Gigabytes of Personally Identifiable Information (PII) readily being sold on the dark web forums for as little as 2 Euros. In the breach, personal information of more than 7.5 million customers was compromised as per the information disclosed in the public domain.

As FBI Director Mr. Robert S. Mueller aptly remarked, “There are only two types of companies: those that have been hacked and those that will be hacked.” Even the most fortified organizations are not immune to cyber-attacks.

In light of these realities, it’s essential that organizations fortify their defences with cyber insurance—time has come when both internal preparedness for cyber measures is to be strengthened, and at the same point in time, insurance is necessary for any unforeseen situations. There are mature insurers in the cyber insurance market, where the insurers not only provide indemnity in the event of a breach but also includes diverse pre and post-insurance placement services, which include various services such as cyber assessment calls to analyse the risk posture, working with the client to identify the measures where improvements can be made, employee trainings for cyber vulnerabilities, and various other risk minimization services. They also keep monitoring your risk on different platforms throughout so that vulnerabilities are identified beforehand and mitigated at the right time. Furthermore, in the event of any attack, they can help you with their tie-ups and expertise to recover from the situation.

At Tata AIG, we pride ourselves on our proactive approach to mitigating cyber risks. We work hand-in-hand with our insured clients, offering comprehensive coverage tailored to their unique needs. Our commitment extends beyond mere indemnification; we stand shoulder-to-shoulder with our clients, providing unwavering support in their darkest hour.

The digital age has ushered in unprecedented opportunities, but with it comes a new frontier of risks. To safeguard our digital future, we must collectively recognize the critical importance of cyber insurance. It’s not just a financial safeguard; it’s a strategic imperative in our ongoing battle against cyber adversaries.

(This article is Authored by Najm Bilgrami, Senior Vice President – Financial Lines, TATA AIG General Insurance Company, and the views expressed in this article are his own)