Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / Cyber Insurance Key as Hacks Rise
Cyber Insurance Now Critical as Data Breaches Wreak Havoc
Cyber Insurance Now Critical as Data Breaches Wreak Havoc
By Jef Cozza / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
DECEMBER
19
2016
While 2016 may have been one of the worst years in history for network security, there is at least one silver lining for enterprise IT departments: insurance companies are becoming increasingly skilled at underwriting cybersecurity risks.

According to the Insurance Information Institute, more than 60 different insurance companies are now offering standalone cyber insurance policies, with an estimated U.S. market of more than $3.25 billion in gross written premiums this year.

That figure is the direct result of two related trends. First, data breaches are becoming more expensive for enterprises, with the average breach in 2016 costing $7 million and representing the third-costliest business risk this year. That increase has given rise to the second trend, which is that businesses are becoming much more concerned about protecting themselves against potential financial losses as the result of hacks that are becoming almost inevitable.

A New Challenge

Historically, the insurance industry has successfully managed to adapt to the risks posed by new technologies, including automotive and air travel tech. Nonetheless, insuring against data breaches and other attacks presents its own set of challenges and complications.

In particular, the constantly changing range of perpetrators, targets and exposure values, a lack of historical actuarial data and the interconnected nature of cyberspace, combine to make it difficult for insurers to assess the likely severity of future cyberattacks.

While most traditional commercial general liability policies do not cover cyber risks, standalone cyber insurance policies typically address a number of risks associated with data breaches or attacks.

About Time

Chief among these is liability insurance to help companies cover costs, such as legal fees and court judgments, that may be incurred following the theft of enterprises data and the unintentional transmission of a computer virus that causes financial harm to a third party.

Crisis management is another aspect of standalone cyber insurance, covering the cost of notifying consumers about data breaches that resulted in the release of private information and providing them with credit monitoring services. Cyber insurance also covers the cost of retaining a public relations firm or launching an advertising campaign to rebuild a company’s reputation.

Some policies will also cover liabilities incurred by directors, corporate officers or other members of management who might be at risk due to decisions made on behalf of the company. Business interruption stemming from an attack can also lead to a loss of income, another risk insurers are increasingly starting to underwrite.

Ransomware and Data Destruction

Cyber extortion has also been a major concern this year, with the San Francisco transit system falling victim to an attempt to extort it for millions of dollars. That attack caused the system to offer free rides to patrons over Thanksgiving weekend. Cyber extortion coverage helps cover the settlement of an extortion threat as well as the cost of hiring a security firm to track down the blackmailers.

Insurance companies are also beginning to cover damages resulting in the destruction of data or other valuable assets stemming from viruses, malicious code and Trojan horses, as well as the cost of posting criminal rewards for information leading to the arrest and conviction of malicious hackers.

If 2016 was any indication of what lies ahead, these kinds of insurance policies should be in even greater demand in 2017.

Tell Us What You Think
Comment:

Name:

Richard Clarke, CPCU, CIC:
Posted: 2016-12-21 @ 6:23am PT
While a number of standalone cyber insurance policies address the "crisis management/public relations expense" exposure, a much more common insurance policy component is for "Notification Costs", which is the result of notification required by most states, as well as the federal government (HIPPA). The article should have addressed the importance of some form of the budgeted expense for notification costs, which is increasingly important.

Robert Emma:
Posted: 2016-12-20 @ 6:28am PT
Cyber security has become essential these days whether it is individual, govt, student and army. Everyone needs to protect himself. Encryption has become a new requirement.... always encrypt communication.

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.