Risk in the World of Cyber Insurance
Maybe you have cyber insurance to cover you in the event of a data breach. More than likely, you don’t. 50% of US companies don’t have cyber insurance and 27% say they have no intention of getting a cyber insurance policy, despite the rise in data breaches. But after last year’s Equifax breach, the reality of the damages that happen with data loss has become all too apparent. And this has caused many major insurance companies to begin offering cyber insurance to cover those damages. This is, after all, a large market with plenty of opportunities. But do these companies truly understand risk when offering these policies?
A typical insurance company, when offering a standard policy, will look at the past to predict future risk. If you are purchasing health insurance, for instance, you may need to get a physical and present past medical records so they can determine how likely it is you will need medical care in the future. And this works for most policies.
But cyber insurance is a different type of policy altogether. No two data breaches are exactly the same, making predicting risk much more difficult. Unlike 20 years ago, when cyber insurance was first offered, today companies often offer coverage for business losses due to system failures, first-person liability, online extortion, or even IT configuration errors. These policies have a large coverage scope, and today’s data breaches are much more complex than they were 20 years ago.
Data on Hacks and Breaches
If risk prediction wasn’t hard enough, the companies that don’t have cyber insurance rarely report breaches. This means there are gaps in the overall data that companies can access. And gaps in data means a higher difficulty in creating an accurate prediction model. Unlike homeowner or auto, which has ample data on accidents, cyber has almost no data to base predictions on.
Many companies will spread out policies over a large geographic area, lowering their own risk of having large payouts if, say, an earthquake hits. But cyber attacks don’t discriminate. Often, a cyber attack such as WannaCry will hit companies of all sizes and sectors, meaning the insurance company faces an enormous payout they can’t predict. This can put a strain on an insurance company’s financial ability to cover insurance payouts.
What is the Solution for Cyber Insurance?
The best solution is to select a company that has partnered with a security firm. This means a double-sided defense – better technology to protect against attacks with an accurate, customized risk profile and insurance tailored to fit your risk needs and cover your business in the event of a breach. Here at SecureFLO, we have partnered with premium cyber insurance to assist your business, no matter the size, or risk profile.