Similar to the concept of other insurances, cyber insurance has already become a norm in US and other countries. However, the benefits of cyber risk insurance are yet to be harnessed in countries like India. This article explains why your business needs cyber risk insurance.
There is hardly any week where we cannot find media news report on hacker attacks involving denial-of-service (DoS) attacks or Internet data security breach. In various media news or report, we can find numerous cyber attacks on small, medium and MNC’s cutting across borders in every country. According to the PriceWaterhouseCoopers report in ‘The Global State of Information Security Survey 2015′, the estimated average financial loss is USD 2.7 million globally.
The survey report further states that companies in India, Hong Kong and China have witnessed the highest number of cyber attacks linked to nation-states. This is a 34 percent increase over the last year 2013. Suppose if you were the CEO or CFO and your organization’s operation was disrupted by a massive hacker attack or cyber-war attack from state and non-state hackers and then how would you make up for the loss that was caused by the financial aspect?
As a matter of fact in a hacker attack on an organization, there are various losses in terms security and privacy breaches, potential lawsuits, damage to your organization’s reputation and brand, regulatory fines, hardware upgrades, software patches in terms of protection and recovery. Literally, it’s a million dollar question! So have you thought how would you foot the bill for these losses?
CYBER LIABILITY INSURANCE
In the event of data breaches and other malicious attacks, various insurance companies in the United States, are offering cyber risk insurances. As security risks and vulnerabilities continue to increase, today – the business organizations are not only looking at the cyber risk management strategies but also from their insurance coverage. A research study conducted by the ‘Ponemon Institute’ reported that 70% of the respondents have already an cyber liability insurance or have planned to have one within the next couple of years.
To understand and access how insurance can be a crucial part of a organization’s cyber risk management strategies, companies should be aware of two general categories of insurance – namely:
- The ‘traditional’ insurance policies such as the Commercial General Liability (CGL) and property insurance
- The policies specifically designed to cover cyber risks through cyber policies known as Cyber Liability Insurance (CLI).
LIVE & HAPPENING
In today’s context, third-party cyber risks exist for any business. For example, any company that stores sensitive health information or personally identifiable data, non-public information like bank account numbers, credit card numbers, or social security numbers, are liable for third-party cyber risk.
In brief, every company is vulnerable to certain cyber risk threats. Hence it is crucial for an organization to assess its threat exposure, privacy risks and security profile, and tailor its insurance coverage to its specific requirement. In this context, it’s equally crucial for CIOs and CISOs to carefully consider cyber liability insurance as a risk management tool and to have a priority in the company’s insurance planning. There are experienced coverage counseling experts who can provide meaningful inputs on proposed policy language and how that will serve a company’s requirement.
Given the ever-increasing landscape of cyber risks and cyber threats, it is important that right from CEO, CISO, CSO, CIO, CTO, CFO, to the enterprise security executives planning and developing cyber risk management strategies should be aware and familiar with the categories of cyber liability policy insurance which are in the company’s interest and carefully weigh the options available to them.
Overall, the cyber insurance is a way to reduce the financial loss from cyber security problems. This is in-deed worth its money for companies who have insured for cyber liability risks. Technically speaking, this concept is not perfect, but the insurance gives companies an extra relief bearing huge costs due to the cyber attacks. So in terms of defenses against the cyber attacks the insured companies have a backup plan for the financial loss and reputation. Having financial security (through cyber liability insurance) for the small-time companies all the time is a good defense against all odds.
© INFOSECURITY LIVE. BitStream Mediaworks Pvt Ltd.