Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

INSURANCE

The New Normal: Cyber Security Insurance

The New Normal: Cyber Security Insurance

By Kevin Cunningham, president and founder at SailPoint

You may not have realised it, but in 2014 the IT security industry hit a tipping point. That’s when many of the world’s largest corporations realised that cyber security was no longer just a technical problem for the IT department or an audit issue for the Chief Compliance Officer. Instead, it was a potentially catastrophic risk that executives and corporate boards had to address.

In the wake of dozens of high-profile security breaches, costing corporations tens of millions of pounds, c-level executives heard the wake-up call. There was no denying that cyber security risk was one of the biggest threats facing today’s organisations.

That’s when the market for cyber security insurance began to take off.

According to a recent study by PwC, the current cyber security insurance market is around £1.95 billion ($2.5bn) and is expected to triple to £5.8 billion ($7.5bn) by 2020, as more companies recognise the need for coverage and more insurers enter the market. Insurers say every new data breach that hits the headlines drives new demand for coverage. And there is speculation that cyber security insurance will become a regulatory requirement for some industries, like financial services, or that business partners may require it as part of contractual agreements.

So what protection does cyber security insurance offer? Typically, coverage provides protection from the financial consequences of data breaches, including things like security audits, customer credit monitoring services, and legal expenses. That means it usually does not cover longer term damages such as loss of customers, lawsuits, and reputational damage. In the Target and Home Depot cases, less than half the total cost of the breaches was covered by insurance.

Interestingly, cyber security insurance has proved to be a huge challenge for insurance companies and their actuaries. It turns out that applying mathematical and statistical methods to assess IT security risk is not easy. The wide variety of risks posed by cyber attacks, lack of knowledge to assess an organisation’s security effectiveness, and the lack of historical data on breaches has made it difficult to estimate probabilities of loss and loss values. To cope with this uncertainty, many insurers have increased premiums, raised deductibles, and established ceilings on potential losses through restrictive limits, exclusions and conditions. Nonetheless, an estimated one third of large.companies have some form of cyber security insurance.

What do you think? On the surface, increased awareness and focus on risk management would seem like a good thing. But at the same time, cyber security insurance could result in increased complacency once the risk is transferred.

Continue Reading