The article below, by Jonathan Franke, Tech, Media and Cyber Broker at New Dawn Risk, was originally published in Insurance Day in January 2021.
The market must be more proactive in terms of understanding and reviewing policy wordings, to accommodate the new exposures relating to 5G-enabled products and technologies…
The next 12 months will see the scaling up of the worldwide roll-out of 5G networks, with North America, Europe and East Asia leading the way.
The importance of 5G has grown since the onset of the pandemic. With much of the world switching to remote working and with the prospect of home offices becoming the new norm, businesses and individuals are requiring faster, more reliable data speeds. Companies are also adapting to network management across multiple locations to continue operating efficiently.
When it comes to data transmission and storage, the majority of the developed world will soon swing towards 5G, as we continue to transition to a progressively cloud-based economy, and that change brings with it a brand new cyber threat landscape – one that is yet to be clearly understood.
Before considering the insurance challenges 5G brings, it is important to understand exactly what 5G is. It builds on the evolution and development of its predecessors, 3G and 4G, allowing societies to smoothly transition into the increased usage of smart devices and offering faster wireless browsing and streaming. According to Ofcom, 5G is «much faster than previous generations and also offers greater capacity, allowing thousands of devices in a small area to be connected at the same time».
The 5G roll-out will continue to enhance the expansion of the internet of things (IoT) in almost all industry sectors and many homes, as more and more smart devices connected to the internet become essential equipment. While this technology explosion is welcome, not all manufacturers of IoT devices have made cyber security a priority within their business plans.
Globally, there are now billions of interconnected devices, all communicating with each other; these devices have wide-ranging and differing security controls, leading to an unimaginable number of potential vulnerabilities for criminals to exploit. A lack of shared security standards for IoT devices means network breaches and hacking have the potential to travel widely and loopholes occurring between two unmatched systems could easily be exploited by organised criminals.
All this means criminals have already recognised an opportunity to access seemingly secure networks almost undetected. Consumer and individual data could be compromised simply by having a domestic smart meter to measure electricity and gas usage. However, even more significantly for business insurers, 5G is being used in various industry sectors, from farming to manufacturing.
Investment in monitoring
Pre-5G networks have fewer «traffic points» and this means security monitoring and scanning is simpler, less time-intensive, and less expensive for businesses. However, 5G’s dynamic software-based systems have led to a huge increase in traffic points, and to take account of this, both business-to-business and business-to-consumer companies must prepare to invest in more sophisticated and increased levels of monitoring of their networks, controls and technology.
Companies will need to place more and more reliance on IT experts to ensure adequate protection is in place, in spite of a widening IT skills gap. And they will have to do so at speed – planning for the increased risks associated with 5G should already be well developed. Those who have taken their eye off the ball, perhaps distracted by adjusting their operations to cope with Covid-19, run the risk of increased vulnerability.
The same applies to cyber and technology insurers. They have a responsibility to be 5G-ready too, in terms of making sure their cyber insurance offerings are up to speed and they are providing their clients with adequate protection. It is also a responsibility for insurers to ensure their breach response providers are well informed about the developments and roll-out of 5G, as well as being able to respond even quicker to incident notifications and to start negotiations in the case of complex ransomware demands.
In 2021, we will see cyber insurers and buyers scrambling to be ready for the roll-out of 5G; wordings are likely to change, and coverage could be challenged. Some better-informed and more proactive insureds may start to enquire into manuscript wording to cover the threats relating to 5G-enabled products and technology; it is up to insurers to understand these threats and to learn how to respond to these questions before clients come knocking.
This could make 2021 an even tougher year for this already challenged class. A new and unexplored threat is likely to unsettle insurers and it also poses the questions of how new or changed risks should be rated on a premium basis. Given an increasingly litigious and claims-active cyber sector, we would expect rates to increase and possibly capacity to constrict for new business in the year ahead and 2021 could be a difficult year for cyber insurers and buyers alike.
The original article can be viewed here