Concerns over IAIS cyber-security paper