Adoption of Cyber Insurance in Malaysian Organisations

Abstract

As businesses have embraced more and more technology, cyber risk has become one of the essential components of a risk management initiative that seeks to mitigate and analyze the multitude of new risks. One risk mitigation process is investing in cyber insurance to safeguard the organisations’ assets from cyber threats by transferring them to the insurer. For businesses to decide on cyber insurance, choosing the right insurance plan and policy is crucial. To do so, they need to consider the factors of its implementation. Therefore, this paper aims to investigate the adoption of cyber insurance in Malaysian organisations, thus further exploring the organisations' perceptions of the factors of adopting cyber insurance. A qualitative study is conducted to understand and describe Malaysian organisations’ needs, obstacles, and processes related to cyber insurance adoption by interviewing cybersecurity professionals and cyber insurance personnel to explore valuable insight into the existing knowledge. 30% of the respondents have adopted cyber insurance. While 40% of the respondents were unsure, the other 30% did not adopt cyber insurance in their organisation respectively. These insights include the factors in adopting cyber insurance among Malaysian organisations, which might be crucial for informing future research and practice in the cyber insurance industry. The novelty of this research is the overview of knowledge gaps and perceptions related to the adoption of cyber insurance in Malaysian organisations. Also, this research aims to consider the advantages of the relevant obstacles that influence the decision makers to adopt cyber insurance.