The Augusta Group and 327 Solutions announce their education partnership

The Augusta Group
  • Home
  • Insights
    • Left of Bang Cyber
    • Left of Bang Cyber 2.0
    • Is Cyber Insurable?
    • Small Business Cyber
    • Board Cyber Governance
    • Cyber on a Page
    • SEC Cyber-Risk Proposal
    • Cyber Framework Profiles
    • EU NIS 2.0
    • The Augusta Plan 1.0
    • The Augusta Plan 2.0
    • The Augusta Plan 3.0
    • FISMA, OMB and the RMF
    • DoDi 5000.90, FISMA, SCRM
  • Services
    • Cyber and Risk Advisory
    • Non-Executive Director
    • Training and Compliance
  • The Augusta Blog
  • Meet the team
  • Contact Us
  • More
    • Home
    • Insights
      • Left of Bang Cyber
      • Left of Bang Cyber 2.0
      • Is Cyber Insurable?
      • Small Business Cyber
      • Board Cyber Governance
      • Cyber on a Page
      • SEC Cyber-Risk Proposal
      • Cyber Framework Profiles
      • EU NIS 2.0
      • The Augusta Plan 1.0
      • The Augusta Plan 2.0
      • The Augusta Plan 3.0
      • FISMA, OMB and the RMF
      • DoDi 5000.90, FISMA, SCRM
    • Services
      • Cyber and Risk Advisory
      • Non-Executive Director
      • Training and Compliance
    • The Augusta Blog
    • Meet the team
    • Contact Us
The Augusta Group
  • Home
  • Insights
    • Left of Bang Cyber
    • Left of Bang Cyber 2.0
    • Is Cyber Insurable?
    • Small Business Cyber
    • Board Cyber Governance
    • Cyber on a Page
    • SEC Cyber-Risk Proposal
    • Cyber Framework Profiles
    • EU NIS 2.0
    • The Augusta Plan 1.0
    • The Augusta Plan 2.0
    • The Augusta Plan 3.0
    • FISMA, OMB and the RMF
    • DoDi 5000.90, FISMA, SCRM
  • Services
    • Cyber and Risk Advisory
    • Non-Executive Director
    • Training and Compliance
  • The Augusta Blog
  • Meet the team
  • Contact Us

Is cyber an insurable risk today?

Cyber-risk is a dynamic and unstable risk that today is poorly managed in general by public and private sector companies.  Demonstrated by the frequency, complexity and severity of cyber attacks; the ability of the insurance industry to economically underwrite and mediate cyber insurance claims, and recent interventions by the US government in cyber legislation and cyber regulatory enforcement.


The enclosed paper discusses the dynamic and evolving nature of cyber-risk and its transition from an extreme loss to an expected loss event.  The failure of market forces to mitigate cyber-risk and the increased involvement of governments in the creation of cyber legislation and regulatory enforcement regimes.  That when combined create significant challenges for the insurance and reinsurance industry in providing suitable policies, to manage cyber-risk.  Without which significant pressure will be placed on the private sector as insurance costs increase and coverage falls, eroding a traditional risk mitigation tool.  As demonstrated by increased insurance loss ratios (avg. 67%, 2020), increased premiums and reduced insurance coverage following the rise in ransomware attacks.  


Organisations have relied upon cyber insurance as a tool to mitigate cyber-risk at the expense of implementing appropriate cyber security controls.  However the erosion of cyber insurance coverage in 2021 is likely to continue into 2022 forcing insurers, reinsurers and organisations to reconsider the way forward for cyber-risk mitigation.


Developments in US cyber legislation and regulatory enforcement are likely to force changes to corporate cybersecurity risk management and regulatory reporting from 2022, providing an opportunity for the cyber insurance industry.  In this paper we discuss the opportunity for cyber insurance firms to better oversight and assure the cyber-risk of their clients, and for organisations to implement the appropriate practices to manage cyber-risk.  That could be the start of equitable and economic cyber insurance and mitigate cyber-risk appropriately, in line with shareholder and market expectations.

Stabilizing the oversight and assurance of cyber risk?

Presenting a solution for cyber insurance and reinsurance

Download PDF

Copyright © 2021 Augusta GRC, LLC - All Rights Reserved.

The Augusta Group

  • Home
  • Left of Bang Cyber
  • Left of Bang Cyber 2.0
  • Is Cyber Insurable?
  • Small Business Cyber
  • Board Cyber Governance
  • Cyber on a Page
  • SEC Cyber-Risk Proposal
  • Cyber Framework Profiles
  • EU NIS 2.0
  • FISMA, OMB and the RMF
  • DoDi 5000.90, FISMA, SCRM
  • Cyber and Risk Advisory
  • Non-Executive Director

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept