Cyber insurance in China: What risks to be aware of and how to protect your business
About 36 billion data breaches have been recorded in China between January and September 2020, causing huge economic losses and a wide range of consequences on a large number of individuals and enterprises. In one third of the cases, intrusions and data leakages affect people livelihood-oriented organizations, such as the government, the healthcare and the education sector. Foreign governments, organized crime and hacktivists are the main perpetrators of cyber-attacks, mainly looking for economic, financial or political benefits. As e-commerce and e-finance operations grow, cyber-risks increase and become more and more sophisticated. Hence the need to protect both your personal and corporate data with cyber insurance in China.
The most frequent cyber security threats in China
Cyber-attacks come in different forms. In the first half of 2020, cyber-crimes mostly took place through malwares, phishing frauds, webpage tampering and distributed denial-of-service (DDos) attack.
Malwares. Malicious programs are the most widespread and pervasive category of cyber risks. In the first half of 2020, malwares infected about 3.04 million of computers in China and attacked approximately 1.26 million of smart devices. By exploiting the weaknesses of a system, malicious programs can steal users’ information, damage the hardware and take control of the devices in order to infect other computers or launch DDos attacks trying to overwhelm target websites with fake traffic.
Phishing frauds. Currently, it is estimated that there are about 19,000 counterfeit pages in China attempting to steal passwords, credit card numbers, bank account details and other sensitive information. Most of such pages are located outside of mainland China, mainly in Hong Kong and in the United States.
Webpage tampering. Hackers can manipulate webpages bypassing their security mechanisms. Forged webpages can seriously damage the company or government image by spreading false rumors and information. There are approximately 74,000 tampered websites in China, including 318 belonging to governmental bodies.
DDos attacks. DDos attacks consist in generating a peak of fake traffic in target websites in order to overwhelm it and make it collapse. Such kind of cyber-crimes are quite frequent in China and can represent a serious threat to the domestic cyberspace. Indeed, they could be exploited to cause data breach, make the network inaccessible to users or spread falsehoods.
Chinese products need to be further developed in the personal cyber insurance sector, but China’s cyber insurance market offers comprehensive plans for corporate cyber security that are very similar to those provided in more mature cyber security markets.
The key players of China’s cyber insurance market
There are few large companies dominating China’s cyber insurance market and three main channels of cyber insurance sales: leading cyber insurance companies, cyber security-oriented technology companies, cyber insurance intermediate agencies.
Leading cyber insurance companies in China
CHUBB. It is an international cyber insurance company incorporated in the US offering a combination of global reach and local cyber expertise. CHUBB’s Cyber Enterprise Risk Management Policy covers a wide range of cyber-threats, protecting companies from information loss, business interruptions or delays, liability arising from human errors and regulatory investigations expenses.
American International Group (AIG). This group of multinational insurance and financial services leads China’s cyber insurance market. AIG provides insureds with detailed risk scoring, benchmarking and analytics to better understand and address their vulnerabilities. In addition, they offer a wide range of sophisticated tools and services, allowing their clients to further enhance their coverage opting for eligible policies protecting from ransomware and extending the coverage to employees. Last but not least, AIG’s CyberEdge claims team promptly intervenes supporting the clients in their response plan, engaging any necessary vendor and starting the recovery process.
Cyber security-oriented technology companies
DBPAPPSecurity. This technology company mainly provides information security products and services, while supporting its clients to scan websites for vulnerabilities and monitor network security. Its insurance focuses on company cyber-security and includes six different plans: digital asset insurance, cyber blackmail insurance, data leakage insurance, industrial control platform insurance, cyber security emergency insurance and comprehensive insurance.
CNMSTL. Directed by the Third Research Institute of the Ministry of Public Security and the National Quality Supervision and Testing Center of Security Product for Network and Information System, such cyber security-oriented technology company also cooperates with Ping An to launch cyber insurance products.
Cyber insurance intermediate agencies
Yonyoubao (Yonyou Network Technology Co., Ltd). Some players of China’s cyber insurance market opt for selling their insurance plans through intermediaries. Yonyoubao is an agency cooperating with Pacific Property Insurance Co., Ltd in order to provide their clients with cyber insurance products and services.
Asian Risks Management Services Limited (ARMS) is an international consultant advising clients on insurable risks. Independent from any insurance providers, ARMS act to the best of our clients.
Do you want to learn more about the China’s cyber insurance market? Leave your email in the comments and I can send you the full report.
Contact Asian-Risks to find your ideal cyber insurance plan in China.
Scan the QR code to follow Asian-Risks on WeChat!