Bridging the cyber protection gap through public-private partnerships: Zurich & Marsh McLennan

A new whitepaper from Zurich Insurance Group and Marsh McLennan underscores the urgent need for greater public sector involvement to strengthen societal resilience against catastrophic cyber events.

As cyber threats evolve rapidly, they are outpacing the ability of traditional insurance and risk management solutions to fully address them.

The report emphasises the critical need to close the protection gap between cyber risks and available insurance coverage, particularly for small and medium-sized businesses that are often uninsured or underinsured.

While incidents like mass malware attacks and widespread cloud outages remain insurable to some extent, events such as critical infrastructure failures are generally considered uninsurable.

Mario Greco, Group CEO of Zurich Insurance Group, emphasised, “The threat of cyberattacks poses a significant risk to both societal and economic stability. As insurers, we can offer some degree of protection, but we must acknowledge that large-scale, catastrophic cyber events present substantial accumulation risks that cannot be borne by the private sector alone. Therefore, enhancing cyber resilience is vital to addressing this protection gap. Achieving this requires strong public-private partnerships to develop comprehensive strategies that secure our digital future.”

John Doyle, President & CEO of Marsh McLennan, added, “The severe threat presented by cyber risks requires collective action to bridge the protection gap. The insurance industry and the public sector must fully understand the spectrum of insurable and currently non-insurable cyber events. Through greater collaboration, we can develop innovative solutions, inform insurance buyers, enhance the cyber insurance market, and establish robust public-private partnerships that safeguard our society and economy from potentially catastrophic cyber events.”

The whitepaper calls for a unified framework between the insurance industry and the public sector to address this protection gap, enhance resilience, and safeguard societies and economies from escalating cyber threats.

This framework would include strong incentives as an alternative to increased regulation, methods for measuring quantifiable catastrophic cyber risk, and strategies to manage unquantifiable risks through public-private partnerships. These efforts could help sustain the broader economy and create capacity for the insurance market to support society against severe financial risks.

This website states: The content on this site is sourced from the internet. If there is any infringement, please contact us and we will handle it promptly.