With businesses around the world becoming increasingly aware about the threat of hackers and cyber terrorism, it appears more organisations are looking to protect themselves from these risks.
Cyber insurance has been around for about 10 years, but both large and small businesses have been slow to recognise its importance. However, this attitude appears to be changing with businesses looking to manage the risks of data breaches more effectively.
In fact, this year gross written premiums on the global cyber insurance market are expected to be well above $2billion for the first time. Geoff White, underwriting manager for cyber, technology and media at Lloyd’s syndicate Barbican, told the Telegraph the market had “increased dramatically”, with gross written premiums rising sharply every year since 2009.
It appears that continuing cyber-attacks are the driving force behind the rise in the cyber insurance market. The UK government’s 2014 Information Security Breaches Survey showed the number of security breaches affecting UK businesses decreased slightly, but there has been a significant rise in the cost of these individual breaches.
Businesses badly damaged by cyber attacks
Some 10% of organisations that suffered a breach in the last year were so badly damaged by the attack that they had to change the nature of their business. The latest statistics show that 81% of large organisations had some kind of security breach in the last year while 60% of small businesses were also affected.
The average cost to a small business of its worst security breach of the year is £65-£115k, which is up from £35-£65k a year ago. Attacks by outsiders continue to cause the most security breaches to all organisations, with malicious software an increasing means for such attacks.
The average length of the worst breaches disrupting businesses’ operations has also increased to 7-10 days for small businesses and 5-8 days for larger companies. For small companies the average cost was £3,500 – £7,000, which is incredibly ten times the average of £300-£600 in 2013.
Although it’s difficult to quantify, there is no doubt one of the biggest effects of a cyber-attack on a business is the damage to an organisation’s reputation. It is very difficult to regain the confidence of customers after a company has lost key personal data in an attack.
Therefore, the option of using cyber insurance is likely to become more and more attractive to many smaller businesses, which are particularly vulnerable in the exposed digital environment.
What does cyber insurance cover?
At the moment the market for cyber insurance is in its infancy, but a policy could cover a business for:
- Data breach – If a hacker steals customer data from your system
- Business interruption – If your company needs new computer equipment while an investigation into cybercrime is on-going
- Multimedia Liabilty – An accidental infringement of a trademark for example on your website
- Cyber Extortion – Covering ransom payments to third parties incurred in terminating a security threat
What do you think about the threats of cyber-attacks against businesses? Let us know in the comments section below.