deepagopi2011 - Fotolia

Malaysian insurer partners IT supplier to tailor cyber security policies

Partnership is in response to requests from AIG customers for a more comprehensive risk management approach to cyber insurance

AIG Malaysia Insurance has partnered IT service provider Dimension Data (Malaysia) to offer its clients cyber security tailored to their risk profiles.

Dimension Data will assess the risk level of an organisation’s IT systems and, based on the assessment, AIG will provide insurance cover known as CyberEdge, access to tools and best practices.

The partnership is in response to requests from customers for a more comprehensive risk management approach to cyber insurance that includes risk assessment.

Cyber security has become a significant problem for organisations in Malaysia. According to the country’s cyber security specialist agency, CyberSecurity Malaysia, there were 27 million incidents involving botnets in 2015.

“The complexity of today’s cyber threats has shown it is essential for organisations to implement a comprehensive information security programme against any form of breach that would be detrimental to their business,” said Antony Lee, CEO at AIG Malaysia Insurance.

“AIG’s partnership with Dimension Data brings together an integrated approach that provides our clients with the tools to detect, respond to, understand and mitigate cyber attacks, while being assured that their key assets are protected by a leading global insurer.”

Henrick Choo, managing director of Dimension Data Malaysia, said: “Dimension Data will extend special packages to AIG’s clients who are keen to engage us for their security and IT management needs.”

For now, the partnership is focused on Malaysia, but there are plans to expand to other countries in Southeast Asia.

Read more about cyber insurance

This approach to cyber security is novel, said Nikhil Batra, research manager, telecommunications, at IDC Asia-Pacific, with the initial adopters likely to be multinational corporations and large organisations.

“Most of the cyber insurance offerings around the world are generally just an insurance business and don’t include a detailed risk assessment service for the enterprise,” he said. “This partnership may define how things might be in the future.”

Although cyber insurance has been around for more than 10 years, it has only gained traction over the past five to seven years, said Batra.

However, cyber insurance is still evolving, as there are many variables involved in a cyber attack and the assessment of damages.

“For example, how would you assess the damage caused by a cyber breach where 100 million customer accounts, along with credit card information, have been hacked?” said Batra. “How much is it worth? What are the damages the insurance provider is liable to pay? What are the deductibles and how will all of these be calculated in monetary terms?”

Ultimately, he said, enterprises need to realise that no one can offer 100% safety for their IT infrastructure and that cyber insurance is an essential part of the risk mitigation strategy.

Read more on Hackers and cybercrime prevention