In the United States cyber cover has grown to be a market worth more than $ 1 billion in annual premiums, but Europe has not followed suit, even after a series of high profile, costly, hacking incidents.
24 June 2013
European insurers have received a shot in the arm to bolster their cover for companies prone to cyber crimes and hacking. This comes after Sony dramatically illustrated the potential dangers of hacking raids on corporate data, the European Union is working on regulatory requirements which threaten heftier fines on unprepared companies. Some of the prominent corporates affected by cyber crimes include Apple, Facebook, Twitter etc. “Any high value organization has been or will be attacked soon and that is almost certain in today’s world”, William Stewart, leader of Booz Allen Hamilton’s Cyber Technologies Excellence says. Fear of a cyber attack is a huge business risk that CEO’s are worried about, as per a study sponsored by American International Group. The rising cyber crimes are driving business to the insurance industry. Cyber insurance policies have been around for a decade, but have not seen any growth. In the United States cyber cover has grown to be a market worth more than $ 1 billion in annual premiums, but Europe has not followed suit, even after a series of high profile, costly, hacking incidents. The U.S. growth came only a decade after insurers first started offering policies to cover the so called cyber risk. “If I was to compare the UK and European market now with the US market, we are here, where they were back in 2004 to 05,” said Stephen Wares, a cyber risk specialist at insurance broker Marsh.
“There was a day when IT related risks seemed to exist only for computer and technology firms, now the reality is that any company which has a collection of online data or stores information and companies using their own computer network in their operations have this risk”, a spokesperson from a leading network security provider said.
A UK government report said 93 percent of large businesses employing more than 250 staff had a security breach during 2012 and affected firms also said the recurrence of such incident is very high, more than 50 percent than the previous year. The research also said the average cost to a large organisation for its worst security breach during the year ranged between £ 450,000 and £ 850,000. There are also reputational damages to the affected firms, which cannot be quantified or assessed. “The costs resulting from a data breach can run into millions” said Laila Khudairi, an underwriter for Kiln Group working at the Lloyds of London insurance market. The insurers opine the demand is concentrated at present among companies in sectors which hold personal or financial data which can be hacked by criminals.
Now, what can companies expect from a Cyber Liability Insurance?
Cyber Liability cover for companies (depending on the size, nature of business and area of operations) may include business interruption coverage, which covers reimbursement for lost revenues resulting from an attack, security and privacy liability, which will provide protection for claims on lawsuits arising from an actual failure or alleged failure of computer security, cyber extortion coverage, which will cover ransom or investigative expenses associated with a threat and information asset coverage providing reimbursement for the actual and necessary costs incurred to restore an organization’s information and computer system needs.
In Europe when insurers contacted how many corporate clients have cyber cover they put the proportions between 5 to 12 percent, compared with at least 30 percent in the United States. Some industry experts opine that the rising demand for insurance does not yet yield big returns for insurers and warn the risks are difficult to quantify because they are still not well understood. The cyber insurance market in the U.S. is worth about $1.3 billion in annual premiums, up by a third since 2012, according to a report by Betterley Risk Consultants.