CSP FORUM Risk Assessment and Cyber Insurance Workshop – Report

Business companies and individual users can resort to cyber-insurances to protect themselves from risks related to cyber-attacks, basically the very same way they purchase insurance for physical goods. While the market is rapidly growing for cyber-insurance (especially in the US soil), showing that there is a strong interest, the adoption is still low and the maturity of the offer pretty at early- stage. Two main reasons emerge. First of all, the lack of historical data related to cyber-attacks makes it extremely difficult to derive models of "what is good" and "what is bad", so that insurance companies have hard-time to determine premiums and standardized cyber-insurance offers. Second, because computer systems are interdependent and standardized, insurance companies fear a major cyber-space accident, so-called “cyber-hurricane,” resulting in an unaffordable number of claims. While these are two well-known reasons that cover the viewpoint of the insurers, what is the role and viewpoint of the other stakeholders such as business companies, policy-makers, etc. ?

The CSP Forum event “Risk Assessment and Cyber Insurance”, organized on April 27th 2015 in Brussels, discussed around this topic, with special focus on its fundamental challenges and possible solutions.

After a welcome speech by the organizers, five prominent experts in the field shared their findings and opinions, challenged by the audience during Q/A sessions and a closing panel.

The five speakers were carefully selected to present the point of view of key stakeholders for Risk Assessment and Cyber Insurance:

  EU Commission: what is the point of view of the EU commission and which initiatives have been run and will be running at EU level on this topic

  Industry sectors: why and when industry may want to resort to cyber insurance instruments

  Cyber Insurance Brokers: cyber insurance challenges and opportunities from a broker


  Business Universities: academic scientific view on cyber insurance and public policy

  Auditors: auditors point of view on viable models for cyber-risks

This CSP Forum event was a satellite event of the “CSP Innovation Forum 2015” (, organized by the European Commission, DG CNECT (Unit H4 Trust & Security) and the CSP Forum. Overall, more than 40 people registered for the seminar with a good mixture of industry (large companies, but also SMEs), research institutions, and academia as well as EU and national level institutions. 

To read the full report Click here