Cyber Insurance

How do major data breaches affect cyber insurance?

Ben Fagan | September 15, 2014

InsuranceButtonGraphicThere is no denying that cyber security issues have captured headlines over the course of the year. From the highly public Heartbleed bug to major data breaches affecting some of the largest names in business, there has been increased focus on data security. As we have noted in previous posts, in the wake of these events and in the face of new threats, cyber insurance has emerged as a viable option to transfer the risk of financial losses related to data loss. In just the past week a White House official went as far as to say that cyber insurance will be standard for businesses by 2020, just as property or liability insurance is now. But as the cyber insurance market continues to grow, how will large scale breaches affect the industry?

As we wrote about in August, the retail industry is averaging a breach a month. Healthcare has also been affected by this trend, as evidenced by the major breach affecting patients of Community Health Systems. In conjunction with these highly public breaches, the demand for cyber insurance has skyrocketed. According to a recent Marsh report, “As cyber incidents increased in frequency and severity in 2013, the percentage of companies that purchased cyber insurance rose by double digits. Early signs in 2014 indicate that the trend is not just continuing but accelerating.” It is clear that persistent cyber threats are prompting companies to consider cyber insurance, and are leaving insurers to figure out which companies to insure.

This fast increase in demand means insurance companies need tools to quickly analyze the cyber security posture of potential insureds. Questionnaires and tests can provide valuable information on a company’s security posture yet they only provide a point-in-time view. One way to gain unbiased and quantitative evidence is by leveraging external internet data to gain a historical view of security performance over time, and compare this performance to peer and industry averages. This information can also be leveraged to reduce claims costs and monitor the security of companies that have already been insured. By quickly, effectively and quantitatively assessing risk of current and potential insureds, insurers and brokers can stay on top of monitoring risk and better reduce claims losses. As the demand for cyber insurance climbs, insurers can truly change the industry by bringing actionable metrics into both underwriting and holding cyber liability.



Suggested Posts

A Security Score vs. A Security Rating: What’s The Difference?

This post was originally published July 18, 2016 and has been updated for accuracy and comprehensiveness.


As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care

Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file more


BitSight EXCHANGE Sound Bites: Transferring Risk Through Cyber Insurance

In the months since BitSight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together...


Subscribe to get security news and updates in your inbox.