Pakistan: Regulator obliges insurers to have cyber cover
Source: Asia Insurance Review | Feb 2019
The Securities and Exchange Commission of Pakistan (SECP) has issued directives requiring insurers to have cyber risk insurance, because of the increase in such risks due to growing reliance on technology.
The SECP directives say that all life and non-life insurers including family and general takaful operators are required to obtain insurance to cover their own cyber risks to mitigate losses from a variety of cyber incidents, including data breaches, business interruption and network damage.
The corporate sector regulator has also directed insurers to submit cyber security framework assessment reports by 30 April each year to the SECP.
Insurers also have to protect their systems including hardware, firmware and software, data integrity, and control of information flow.
The insurance companies are required too to appoint a senior executive as chief information security officer who will be responsible for implementation of overall cyber security framework within the organisation. A