A cyber-attack can generate a major crisis that could jeopardize the very survival of the company. The main consequences of cyber-attacks:
Cyber liability insurance is a new way to fight a cyber breach.
Data breach is like lightning. You never know when or where it will hit, what damage it will cause. To meet this risk, a new kind of insurance is coming on the market: cyber insurance. This product is an alternative to traditional insurance that only covers physical assets and excludes the protection of digital data.
According to the Ponemon Institute, the financial impact of cyber-crime amounted to nearly 4.8 billion euros in 2016. Faced with the resurgence of cyber-attacks, the protection, and insurance of the digital heritage has become a priority for managers of large companies and SMEs. With this in mind, insurers are developing new offers to offset the losses caused by cyber-offenses (e.g. hacking, data breach, denial of service, viruses) and better support their customers in their cyber-security approach.
While for the moment, large companies are the main consumers of insurance products against cyber risks, the need for protection is growing rapidly for SMEs. As a matter of fact, the US National Cyber Security Alliance reported that up to 60% of small SMEs that suffer cyber-attack, go bankrupt within the first 6 months following the attack. Further, a 2015 study conducted by NetDiligence reported that on average, a cyber breach claim amounts to $673,767 underlying the level of risks that businesses face as a result of possible cyber breaches.
Cyber liability insurance: a booming market in light of economic conditions
According to the Allianz barometer, cyber-crime ranks among the major concerns of companies. An observation that suggests that the potential of the cyber insurance market is expanding at a great pace. Indeed, the rise of social networks, the flight of data to the cloud, the trend towards the digitization of the value chain of companies or the interconnection of information systems, are all factors that make companies vulnerable to digital risks. The EU directive requiring companies to report to victims all breaches of personal data reinforces the impact of cyber-crime on companies’ brand image and the need for insurance.
Insurers increasingly sensitive to business demand
To meet the growing demand of companies protecting against the risks of cyber-attacks, specialized insurers but also generalists do not fail to develop new ranges protection.
On the other hand, due to the absence of historical data on this type of threat, the assessment of the risk and scope of impact remains a complex activity for actuaries. To date, the tariff for this type of protection is calculated on the basis of the size criteria of the enterprises, the nature and quantity of information held, and the degree of dependence of the institutions on their system of protection. For some companies, premiums can reach several hundred thousand dollars per year.
Protection that must be integrated into a real risk management process
While some of the risks can be outsourced to insurers through insurance contracts, companies are not exempt from developing real risk management policies, consistent with their objectives and strategic orientations.
Because of the number of premiums, considered too high for subscribers, large companies are now the main signatories of cyber insurance contracts. Nevertheless, the need for SME coverage is well established. Small businesses are increasingly subject to these types of risks. Being still insufficiently protected, they become easy prey for the aggressors, and all the more so when they maintain close ties – commercial among others – with larger structures. The insurance agents at Densmore Insurance Strategies, Inc understand potential risks you can face in the event of a cyber attack.
In line with the high level of risks resulting from cyber-breach, both large and small businesses must invest heavily in securing their systems against possible breaches. However, this is in itself insufficient, businesses must invest in cyber-insurance as a way of covering any losses that may result from breaches.