Today in this world of fast growing technologies, social media and online transactions, Internet plays an important role in organizations to conduct their business. So, online transactions are prone to cyber-attacks and can cause huge losses to the organizations. As part of risk management plan for the organizations, cyber insurance comes in play, where there is transferring risks.
Cyber insurance does not actually protect the organizations from cyber-crimes, but it can keep the business on the stable financial footing.
The Cyber Insurance Policy, also referred as Cyber Risk Insurance, is designed to help the organizations mitigate risk exposure by offering costs involved with recovery after a cyber-related security breach or similar event. Although cyber insurance policies have been around from past 10 years in the market, but recently market awareness has increased, because of the headline-grabbing cyber breaches that have hit almost every industry.
“The Verizon 2016 Data Breach Investigation Report confirms that companies large and small, across all industries, in all geographies, are at risk of being targeted by a cyber-attack. In fact, it is estimated that 62 percent of cyber breach victims are small to mid-sized businesses. The average total cost of a breach, according to the 2015 Cost of Data Breach Study: Global Analysis, is now at $3.79 million.”
So the demand for cyber insurance in the market is increasing, and also the government is also becoming more active in policing corporate responses to cyber-attacks. There are now many mandatory data breach notification laws in many countries. Lots of well-known insurance companies offer cyber policies, such as Allianz, Chubb Philadelphia and Travelers.
But there is no standard for underwriting the cyber insurance policies. Most cyber policies in the market offer a combination of two types of insurance coverage. First party coverage covers losses of the organizations and third-party coverage which protect against the claims against the organizations by customers or the partners. Besides financial coverage, insurers also provide risk management and post-breach services, including loss-prevention measures and remediation tools.
“THERE IS NO STANDARD FORM FOR A CYBER INSURANCE POLICY IN THE MARKET.”
Cyber insurance covers first-party losses and third-party claims, but general liability insurance covers only property damage. Like in the case “Sony was caught in that situation after the 2011 PlayStation hacker breach, with hard costs reaching $171M that could have been offset by cyber insurance had the company made certain that it was covered ahead of time. During a court case, Zurich American Insurance Company said that Sony’s policy only covered physical property damage, not cyber damages.”
Although some of the standard insurance policies, such as Business Owners Policy (BOP), provide coverage for cyber incidents. If we lost the data due to some hardware failure or computer virus, the insurance pay recovery and replacement costs. This type of cyber insurance policies includes various types of risks like:
· Business interruption
· Corruption of the data
· Identity theft
· Cyber extortion
· Reputation Recovery
Many insurance companies also offer pre-breach and post-breach services, like monitoring, incident response and many more. So, insurance companies have started hiring more cybersecurity specialists and it bring many opportunities for cybersecurity startups also.
But certainly, the way we look at the risk, it is evolving and Cyber Insurance has a played a very important role in organization’s overall risk mitigation strategies. The extent to which it will enable us to better assess and ultimately combat the rising threat landscape we are facing is still to be seen.
0 comments:
Post a Comment