Potential use of NIS Platform Guidance for cyber-insurance purposes

Launched in February 2013 by the Cybersecurity Strategy of the European Union, the public-private platform on NIS (Network & Information Security) held its first meeting in June 2013 and is looking to develop secure and effective ICT (Information & Communication Technology) risk management practices.
The final result is a Guidance that was presented at the 3rd NIS Platform Plenary meeting of 30 April 2014 in Brussels. FERMA has been asked to give an 'outsider's' view on the NIS Platform Guidance and on whether it could be of use when assessing the maturity of organisations for cyber-security insurance coverage purposes.

Among others, this presentation tries to answer the following questions:

- How to assess the maturity of an organisation in terms of risk management and preparedness (gap analysis)?
- Are there any incentives that could lead to lower risk premiums for organisations that adhere to the best practices?
- What kinds of risks are currently covered by cybersecurity insurance policies: first party, third party, personal data loss, business data loss, losses due to interruption of business?

Published in: Business, Economy & Finance

  • Present:
  • Risk and insurance managers of organizations representing a wide range of business sectors from major industrial and commercial companies to financial institutions and local government entities
    4 permanent staff in Brussels. Close relationship with the European Institutions and major representations of the insurance industry in Brussels.
  • ISO/IEC 27000 family of standards, ISO Guide 73 (which is used by other risk standards including ISO 31000).
    COBIT 5 was introduced in 2012 and is generally accepted as the other most commonly used information security standard.
    The Information Security Forum (ISF) standard, which is highly respected, goes beyond the family of standards in ISO 27000.
  • Cover for some cyber risks already exists in "traditional" insurance covers - cyber insurance provides an umbrella above those covers, not instead of other insurance
  • Transcript

    • 1. © 2014 FERMA. Potential use of NIS Platform Guidance for cyber-insurance purposes. 3rd NIS Network & Information Security Platform Plenary meeting, Brussels, 30 April 2014. Julien Bedhouche, FERMA European Affairs Adviser
    • 2. BACKGROUND
    • 3. FERMA Presence: 22 member associations in 20 countries; 4336 individual members who are responsible for risk management and / or insurance in their organisations
    • 4. Purpose
    • 5. Cyber is still an emerging risk
      • The Global Risks Report from the World Economic Forum 2014 identified Digital Disintegration as one of three key areas of global risk
      • While the Internet is designed for resilience, it has little inherent security and so “attackers” still have the advantage over “defenders”
      • Organizations need to respond through strategic planning, and review their resilience framework
      • But organizations cannot solve these problems on their own and there is a need for more joint working at a global, regional and local level
      • There is a need for more long term thinking
    • 6. Cybersecurity and Risk Managers
    • 7. The NISP Guidance Documents
    • 8. Kite marks and standards
    • 9. Current situations for companies
    • 10. The world continues to learn
    • 11. Cyber insurance
    • 12. Cyber insurance in the NISP documents (p.3, 4 & 28)
    • 13. Shortcoming for Critical National Infrastructures
    • 14. Insurers becoming more cyber-savvy
    • 15. CONCLUSIONS 1/2
    • 16. CONCLUSIONS 2/2
    • 17. Legal Notice 2014 FERMA. All rights reserved. You are not permitted to create any modifications or derivatives of this presentation or to use it for commercial or other public purposes without the prior written permission of FERMA. Although all the information used was taken from reliable sources, FERMA does not accept any responsibility for the accuracy or comprehensiveness of the details given. All liability for the accuracy and completeness thereof or for any damage resulting from the use of the information contained in this presentation is expressly excluded. Under no circumstances shall FERMA be liable for any financial and/or consequential loss relating to this presentation.