The average cost of a ransomware attack is $1.85 million and 22 days to recover. If you’re looking for cyber insurance coverage to protect yourself, download our ebook to learn how to strengthen your cybersecurity program to influence coverage.
How do major data breaches affect cyber insurance?
Tags:
There is no denying that cyber security issues have captured headlines over the course of the year. From the highly public Heartbleed bug to major data breaches affecting some of the largest names in business, there has been increased focus on data security. As we have noted in previous posts, in the wake of these events and in the face of new threats, cyber insurance has emerged as a viable option to transfer the risk of financial losses related to data loss. In just the past week a White House official went as far as to say that cyber insurance will be standard for businesses by 2020, just as property or liability insurance is now. But as the cyber insurance market continues to grow, how will large scale breaches affect the industry?
As we wrote about in August, the retail industry is averaging a breach a month. Healthcare has also been affected by this trend, as evidenced by the major breach affecting patients of Community Health Systems. In conjunction with these highly public breaches, the demand for cyber insurance has skyrocketed. According to a recent Marsh report, “As cyber incidents increased in frequency and severity in 2013, the percentage of companies that purchased cyber insurance rose by double digits. Early signs in 2014 indicate that the trend is not just continuing but accelerating.” It is clear that persistent cyber threats are prompting companies to consider cyber insurance, and are leaving insurers to figure out which companies to insure.
This fast increase in demand means insurance companies need tools to quickly analyze the cyber security posture of potential insureds. Questionnaires and tests can provide valuable information on a company’s security posture yet they only provide a point-in-time view. One way to gain unbiased and quantitative evidence is by leveraging external internet data to gain a historical view of security performance over time, and compare this performance to peer and industry averages. This information can also be leveraged to reduce claims costs and monitor the security of companies that have already been insured. By quickly, effectively and quantitatively assessing risk of current and potential insureds, insurers and brokers can stay on top of monitoring risk and better reduce claims losses. As the demand for cyber insurance climbs, insurers can truly change the industry by bringing actionable metrics into both underwriting and holding cyber liability.