Object Management Group
+1-781-444 0404
[email protected]

Object Management Group Issues Cyber Insurance Request for Information
Gathering input to help users of cloud services better protect their businesses

NEEDHAM, MA – JANUARY 23, 2020 – Today, international technology standards organization Object Management Group® (OMG®) has issued the Cyber Insurance Request for Information (RFI). The RFI, led by the OMG Cloud Working Group, asks for information about issues and practices related to the offerings and selection of cyber insurance products. The intent is to provide a roadmap to help users of cloud offerings select the best coverage to properly address their business risk. Ultimately, the group intends to develop a standard or guidelines for cyber insurance for cloud customers.

"Cyberattacks, data breaches and cloud outages are leading both the suppliers and customers of IT services to seek protection against the resulting business losses. Cloud agreements in particular usually limit financial compensation for outages to the rental cost during that time, which is just a fraction of what the customer's business lost," said Claude Baudoin, cébé IT & Knowledge Management and co-chair of the OMG Cloud Working Group. "Cyber insurance is an emerging offering that will play a growing role in the future, once insurers can develop reliable models of risks and impact, and customers learn to assign a monetary value to the losses they want compensated."

"The future of cybersecurity insurance may be to underwrite policies that support specific event types based on criticality. This would mean that issues can be resolved much faster by being proactive in discovery and resolution vs. reactive," said David Harris, co-author of the RFI, and co-chair of the OMG Cloud Working Group.  "In the future, cybersecurity insurance may help mitigate the impact of a data breach on a company's brand."

"Cloud service agreements that rely on service-based credits and defer risk through indemnification clauses no longer meet customer needs. Still in its infancy, the cyber insurance market is far too diverse and difficult to navigate," said Tim Cavanaugh, co-author of the RFI, and Chief Information Security Officer, Maiden Global Servicing Co. "Both public and private sector need a better understanding of this emerging market to address their cyber risk. Just as importantly, the insurers need to better understand the value behind certifications, cybersecurity control audits and assessments to improve their actuarial and underwriting functions to address the market."

This request for information is open to the public. The full request and details on how to respond can be found in the Cyber Insurance RFI.  The deadline to respond is March 9, 2020.


About OMG
The Object Management Group® (OMG®) is an international, open membership, not-for-profit technology standards consortium with representation from government, industry and academia. OMG Task Forces develop enterprise integration standards for a wide range of technologies and an even wider range of industries. OMG's modeling standards enable powerful visual design, execution and maintenance of software and other processes. Visit www.omg.org for more information.


Note to editors: Object Management Group and OMG are registered trademarks of the Object Management Group. For a listing of all OMG trademarks, visit https://www.omg.org/legal/tm_list.htm. All other trademarks are the property of their respective owners.