2. Kasus Cyber Breach di Indonesia
• 7 kasus kebocoran data pribadi sepanjang 2022
• Kasus kebocoran 1.3 miliar data SIM Card di Indonesia → terbesar di Asia
• 91 juta data pengguna & 7 juta merchant Tokopedia bocor; digugat Rp100M
• 13 juta data Bukalapak dijual hacker
• Peretasan Tiket.com, rugi Rp1.9M
• 2.9juta data Cermati.com bocor di Internet
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
3. Regulasi
HIPPA (Federal): Health insurance
breach notification
2003
Mandatory Notification (California)
2003
Federal & State: HIPPA enhanced.
Similar requirements to California
replicated in most other states
2009–2013
GDPR (EU): General Data Protectuin
Regulation passed - comes into force
in May 2018
2016
Rancangan Undang-Undang
Perlindungan Data Pribadi,
Indonesia
2022
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
4. Di mana asuransi bekerja?
Asuransi hanyalah salah satu bagian dari suatu cyber risk management
Map Risk
Protection
& detection
Insurance
Response
Plan
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
5. Definition
• Cyber Risk Insurance atau Cyber Liability Insurance Coverage (CLIC) adalah
produk asuransi yang menjamin berbagai risiko yang timbul dari penggunaan
teknologi dan data
• Prudential Regulation Authority (PRA) menyebutkan ada dua jenis risiko siber,
yaitu:
• Kerugian akibat tindakan jahat (yaitu, serangan siber atau infeksi sistem TI
oleh kode jahat).
• Kerugian akibat kelalaian (yaitu, kehilangan data atau tindakan atau kelalaian
yang tidak disengaja).
• Akibat dari risiko siber dapat bersifat pihak pertama dan pihak ketiga
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
6. Pemacu Risiko Cyber
Exposure
←→
Mitigating Factors
←→
Profile Governance IT & Data
- Industry
- Size
- No. of records
- Geography
- Online
- Outsourcing
- Prior incidents
- Leadership strength
- Data and privacy policies and
processes
- Risk management
- Cyber risk culture
- Incident response / business
continuity plan
IT Security:
- Firewalls
- Anti-virus software
- Patching
- Password authentications
- Controls, detection, & monitoring
system
Data Management:
- Data encryption
- Portable Devices
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
7. Strategi Risk-Based Cyber Insurance
Mendefinisikan Akibat
Identifikasi Skenario Mengevaluasi Posisi Jaminan
Asuransi yang Tepat
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
8. Cyber Coverage
Cover Property
General
Liability
General
Liability
PI / D&O IT Liability Crime
Cyber
Security
1st Party
Incidence Response X X X X X ? V
Information Asset Loss X X X X X ? V
Regulatory X X V X X ? V
Cyber Extortion Expenses X X X X X ? V
Loss of Income X X X X X ? ?
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com
9. Cyber Coverage
Cover Property
General
Liability
General
Liability
PI / D&O IT Liability Crime
Cyber
Security
3rd Party
Data Privacy Liability X X ? ? ? X V
Media Liability X ? ? ? ? X V
Network Security Liability X X X X ? X V
X Not generally covered
V Covered
? Uncertain or varied coverage
InsurtechIndonesia info@insurtechindonesia.com +6281381024460 InsurtechIndonesia.com