Not long ago, it seemed like we could be heading for cybergeddon; the forecasts about the threats from cyber space posed such a threat to the digital revolution. Today, as this report illustrates, we are finding a way to make cyber risk manageable, quantifiable and insurable.


In this report, you will find more information on two new reports that FERMA has introduced so risk managers can support their organisations in managing cyber risks. One is a second edition of the cyber risk governance guide that we have published in cooperation with the internal auditors in ECIIA, following the first edition in 2017. It includes a case study from the Education Testing Service (ETS), an organisation that works with partners worldwide, showing how the risk governance scheme we recommend works in practice. Second, we have a completely new guide, Preparing for Cyber Insurance, which we have developed with Insurance Europe, the intermediaries’ organisation BIPAR and two of our strategic partners among the brokers. It was written with mid-market organisations in mind, but it is certainly useful for others as well in their conversation with the insurance market about insuring cyber risks. As our organisations increasingly rely on digital technologies for their operations and development, FERMA continues to push for the management of cyber risks beyond the limited technical/security dimension of this technological revolution. Risk and insurance managers play an essential part in the enterprise-wide coordination needed for the governance of cyber risks, its quantification and mitigation. The articles which follow show how risk managers can accompany their organisations in securing cyber resilience and making the best of the huge opportunities linked to digitalisation.