Author(s):Several

Cyber Liability Insurance

The Cyberspace

The world is in a continually developing state, with new and exciting inventions and technologies arising on a regular basis. It would take some form of expert, or perhaps your average teenager, to entirely keep up to date with all that is new. However, while the new technologies are often hard to keep up with, this does not mean the world is becoming more difficult or complicated.

These new technologies have made life more comfortable and accessible than ever before. With mobile phones and computers now widely available to almost any who wish to obtain one. Through these devices, it is possible to live a great deal of one’s life online.

A significant proportion of jobs, especially office jobs, take place through a computer, and this has led to a most significant change in the in the ways jobs are performed. Often, duties are performable from more than just an office desk, and due to mobile communications, workers are always reachable. Beyond work, most things that one could need can now are accessible and found online, from grocery shopping to recreational items or services.

So much is now present or available online, and this also includes information. With security generally increasing online, and peoples trust increasing overtime in the tech security measures that are in place, more and more people are open to providing their details and confidential information to many online sources.

Beyond this, the ability of people to access information is far higher than in the past. Whereas in years gone by, one would have to go to the library for general information, or official organizations to obtain more confidential information. Now, we have seemingly all the information we could ever need on the web. Further to this while, there are usually many security measures in place to protect information; this does not make it inaccessible to those who can dig deeper.

There are laws in place which aim to prevent and punish those would seek to steal information not rightfully their own. The fundamental regulation on this matter is the Federal Decree-Law Number 5 of 2012 on combatting cybercrimes.

Losses Resulting from Cybercrimes

Crimes of the technological variety are the new frontier. Much of the world’s information has moved online, a lot of which is highly confidential. Therefore, some find the temptation to hack and steal too much to bear. Some of the most common forms of cybercrimes are as follows:

To ensure security within the country, even obtaining access to websites and other areas within the cyberspace that one is not authorized to can result in a prison sentence and a fine between AED 100,000 to 300,000 as per Article 2 (1) Beyond personal information, there are also many documents present online that are either stored thereof transferred between individuals or entities. Article 2 of the law also covers this type of cybercrime. Subsection 2 states that a prison sentence of at least six months of imprisonment and a fine of between AED 150,000 to 750,000 for the deletion, destruction, alteration, copying or re-publishing of any data or information. One of the most common forms of cybercrimes is the theft of details; this would allow the perpetrator to access accounts, documents, and assets of another individual that could lead to said individual’s losses. Article 2 (3) of the Decree Number 5 of 2012 states some of the repercussions for the theft of personal information, which includes at least one year of imprisonment and a fine of between AED 250,000 to 1 million.

There are many further Articles which discuss different penalties for even more crimes, though the dominant issues that arise.

To an extent, these might be seen by some as quite severe punishments. However, when one considers the potential damage that is possible through the cyberspace. The fact that peoples not only personal information but also highly confidential documents of businesses and the government can be found means that the utmost protection is required.

The reason for the flexibility provided in the penalty is due to this very previously mentioned point. While some crimes may be severe for individuals, the repercussions will be limited compared to the most sensitive of information.

As of late, a rising trend among businesses involves taking out insurance for protection against such forms of hacking or illegal theft of their Intellectual property and. For businesses, intellectual properties and trade secrets are of utmost importance, as they are what provide the companies with their USPs. Therefore, they would do well to protect them.

The Dubai Police are also involved in attempting to limit and catch those who attempt to commit cybercrimes. One such instance in which this occurred was in 2016 when AED 800,000 was found to have been transferred illegally from the account of a UAE resident to a European country through a hack. The police managed to restore the AED 800,000. Beyond this, the police are responsible for thwarting hundreds if not thousands of cyber and hacking related crimes every year.

Insurance against Cybercrimes

Before the implementation of the regulations, there was a lot less certainty and security for the digitally held elements of a business. An entity would have to have excellent security measures in place should they have information requiring protection, and this could come at a tremendous financial cost. Furthermore, it would rarely if ever be able to guarantee stability, as where there is a will, there is a way.

Relying on different regulations for cyber protection is not a hopeless cause though. An example of this was in a DIFC case (DIFC and some further free zones will have different regulations on the topic of cybercrimes) under the Judicial Authority of the Dubai International Financial Centre: Court of First Instance, 13/2015. In this case, the claimant’s IT system was sabotaged by the defending party when they were wrongfully interfering with the claimant’s property. The claimant successfully sued the defending party and was awarded USD 690,533. The total, which is far above the previously mentioned UAE mainland limit, was meant to cover for the damages that the Claimant endured as a result of the breach.

With the regulations now in place, there is some greater deal of trust in the system, but as with the ever-growing complexity and depth of the digital world, there are new potential methods of further assurance and security. Theft or hacking can occur at any point, and there is no real way to predict it. One of the ways a company can feel more financially safe is to get insurance that covers them at all time, and so if something terrible does come to pass, assurance will be available straight away. In 2017, there was around AED 4 billion lost due to cybercrimes; this should show just how serious the issue is to businesses.

Any regulation does not explicitly cover insurance of this kind. Instead, there is the general Federal Law Number 6 of 2007 which relates to Insurance for businesses. The number of policies being given out is regularly growing as the issue is severe and the potential risks and losses are genuinely an issue.

However, the topic is one shrouded in complications. Perhaps the biggest question is of how calculations of losses and cover will occur. With things being online and intangible, damages can be quite complex, and disagreements may arise regarding them. Though it must be said, the process is becoming much more comfortable to manage, and this is somewhat of an inevitability. Some businesses nowadays are entirely online and being unable to ensure them due to this, would be a grave mistake and business loss for insurance companies. As we move forward, all must get with the times at the risk of being left behind is a bygone era.

The Future of Cybercrime Insurance

The cybercrime insurance market is one which is growing fairly quickly. The driving force behind this growth is that it is necessary. The future is online, and there is every advantage to moving into the cyberspace. The change has arrived in a short period, and so the laws and regulations, as well as the companies that offer insurance, have yet to catch up fully.

Some significant steps are being taken though. Companies such as HSBC now offer cyber insurance and see it very much as a necessity. The fact that large entities are starting to expand into this new market is a good sign, and the hope is that many more will follow suit.

Currently, due to the complex nature of cyber insurance and the time and effort that goes into ensuring calculations are correct and appropriate, the costs for these insurance policies are high. In time as the certainty levels rise, this will become far less of an issue and accessibility will be on a higher level.

The issue present is a global one with many billions of dollars in losses occurring annually. There is a great deal of awareness on the matter, and some of the most prominent insurance entities in the world are working towards a smooth and natural system.