CRIF looks for improvement in risk management for Cyber

Cyber Risk & Insurance Forum
The Cyber Risk & Insurance Forum (CRIF) has taken major steps towards raising awareness of the benefits of cyber insurance and the need for UK business to better understand their exposure to cyber risk.

CRIF has developed first drafts of their cyber risk matrix, and cyber risk and privacy framework which can be found on its new website, which also houses a cyber insurance risk survey. CRIF is urging businesses to participate in the survey, the results of which will be presented at a launch event in Q3 2013. 

Law firm DAC Beachcroft has also joined the forum to strengthen CRIF’s legal knowledge, ahead of impending national and EU regulatory changes.

Daljitt Barn, CRIF chairman and associate director at global information assurance firm, NCC Group said: “We’ve made some fantastic progress recently, and now we need businesses to get involved and help shape a cyber insurance framework. If we’re to develop a model that can help companies on the ground we need a community approach.

We want to help SMBs protect themselves, through both improved security standards and cyber insurance”.

As an adolescent class of business, cyber insurance is underwritten from a number of different perspectives, with no uniformity of information requirements, best practices or risk management advice. CRIF is working towards the development of greater synergy between effective risk management and appropriately tailored, cost-efficient insurance cover.

The government is in the process of putting together a cyber organisational standard for UK organisations, and CRIF is assisting the government by providing a detailed response to the on going consultation.

Russell Price, chairman of the Continuity Forum said: “Developing cyber resilience is imperative for business today. Companies rarely connect cyber risk issues into management frameworks that can cope with its complexities, and even fewer are properly assessing the wider risk that it presents to the business.”

The survey can be accessed through CRIF’s website. The draft cyber risk matrix and cyber risk guidance framework can be accessed here and here.

About CRIF

CRIF is a group of commercial and non-commercial organisations all working together to enable purchasers of insurance to achieve effective management of residual risk. It advocates that organisations demonstrate risk and security practices which will help facilitate their purchase of effective cyber liability insurance.