PREVENTIVE MEASURES - Future of Cyber Insurance

Size, scope and future of cyber insurance

In its current state, the cyber insurance industry is relatively small compared to other types of commercial coverage. Many companies have yet to accept that the cost of buying cyber protection would compensate for losses due to data breaches and other cybersecurity threats. Small and medium enterprises, those that would benefit most from cyber coverage, are less likely to buy this type of protection because their budgets are smaller and do not understand the risks involved. Despite the availability of cybersecurity in the last 20 years, companies have been slow to adopt it as a standard practice.

But that attitude is changing in the wake of high-profile cases, such as Target, eBay and Sony Pictures. Hackers target larger brands and larger corporations, and they succeed. In its document on the growing threat of cyber risk, the Insurance Information Institute noted that cyber risk ranked 8th in a list of the top 10 business risks according to the annual Allianz Risk Barometer Survey in 2014. In 2013, cyber risk ranked 15th, indicating a growing concern for cybersecurity among business leaders. A separate report in May 2014 by PWC also found that cybercrime was classified as a high-level global threat. And not only companies need protection. Governments around the world continue to face increasing threats from hackers, who attack for monetary, personal and political reasons.

As more companies are hacked and more companies have to disburse funds to recover from substantial losses, cybersecurity will see an increase in popularity. In 2014, the insurers of the United States subscribed $ 2.5 billion in cybernetic policies. By 2020, cybersecurity premiums are projected to increase to $ 7.5 billion annually, an increase of three times in just six years. In a separate report, the German insurance company Allianz estimated that cyber insurance could increase to about $ 20 million by 2025. More companies are taking note of the threats posed by cybersecurity problems, and are enrolling in liability insurance cybernetics before it's too late.

Even so, there is a lot of ambiguity when it comes to drafting policies, especially when it comes to risk assessment. Companies are not sure how to measure their threat levels and insurers do not have a standard model for estimating risk. In the past, insurers have been as reluctant to offer cybersecurity as companies to adopt it, largely because of the uncertainty generated by underwriting a non-specific disaster area.

Cyber risk is also difficult to calculate since each instance of theft or non-compliance has different consequences depending on the size and scope of the company. Unlike other forms of insurance, cyber insurance has relatively few precedents and no standard cost. However, the picture is changing, as larger data breaches affect larger companies and cyber risks increase worldwide.

Insurers may face another type of problem in the next five years. Non-insurance competitors, such as Google and Yahoo, can develop their own cybersecurity initiatives to compete with an unknown market. Today's young professionals, those between 20 and 30 years old, implicitly rely on entities like Google on traditional insurance companies, which could make it difficult, for example, for AIG to sell cyber products. In addition, technology companies may be better able to offer these products because they can assess risk more accurately.

With the high cost of cyber insurance and its unknown intrinsic value, at least according to many companies, there is still substantial room for improvement in this ever-growing industry. Cost may be one of the biggest arguments against cyber protection, but there are ways that companies can reduce their premiums and mitigate the cost of coverage. These include:

• Install high-level security software packages throughout the company's technology, including office computers and mobile devices

• Periodically update computer systems and replace obsolete or malfunctioning equipment with more secure updates.

• Perform routine scans to prevent, trap and destroy incoming threats as they occur

• Comply with all local, state and federal regulatory procedures related to cybersecurity.

These suggestions will not only reduce the cost of monthly premiums, but will also reduce the risk of cybercrime in general. Just as individual consumers get discounts for safe driving practices, commercial customers will be rewarded for a constant effort to reduce the scope of cybersecurity risks.