Fitch Ratings, a provider of credit ratings, in a recent report, has established a positive correlation between insurance companies’ credit ratings, and Security Scorecard’s (SSC) cybersecurity grades—a pointer that insurance companies that are keen on managing their own credit risk tightly also perform better at managing their cyber risks.

The report used SSC’s grading platform to analyse the cybersecurity risk of more than 400 global insurance companies, and explored the association between SSC grades and other countries, sectors and financial attributes in terms of capital strength, profitability and size.

What you should know

Cyber risk, a risk associated with financial loss, and damages to organizational reputation, has become a major concern among all organizations around the globe and is forcing organizations to seek cybersecurity to protect themselves from threats to their businesses, data, and financial successes.

While the global insurance industry witnessed several high-profile cyber events in 2021, Fitch reports that ransomware is an industry issue that is a growing concern and causing cyber matters to become increasingly important to rating analysis.

However, while the risk could be broad and take different shapes such as cybercrime, cyber terrorism, and corporate espionage, and is usually in the form of ransomware or phishing attack, SSC’s cybersecurity grades help to fill in the gap not covered by traditional financial statement and credit analysis, and Fitch’s partnership with SSC gives Fitch insights into these considerations, and helps better assess cyber risk.

Fitch Director, Gerry Glombicki, points out that systems attributes such as network segmentation, attack surface, endpoint security and digital footprints are all very important in understanding an insurer’s cyber health.