Insurance covering cybersecurity is a growing issue and more companies are staring to either look at it or talk about it.
Maybe they should because as attacks get more sophisticated and targeted and potentially can hit anyone anywhere, insurance is a good protection factor that could keep businesses afloat if there is a devastating loss of business continuity.
That all becomes interesting because half of U.S. firms do not have cybersecurity insurance, despite the fact 61 percent of U.S. firms expect the volume of cyber breaches to increase in the next year.
These findings come from a new survey conducted by Ovum, which also found even among those that have insurance, only 16 percent said they have cybersecurity insurance that covers all risks. This puts the U.S. behind the UK and Canada.
In the U.S., the healthcare industry is particularly behind on protecting itself with cybersecurity risk insurance. None of the healthcare firms represented in the survey have insurance that covers all risk, while 74 percent have no cybersecurity insurance at all.
“With so many firms concerned about a rise in the likelihood of cyber breaches in the next year, it’s troubling to see that half of them don’t have any cybersecurity insurance protection,” said Bob Shiflet, who oversees fraud and financial crime solutions at FICO. “There are steps the insurance industry can take to make guidelines clearer and explain premium adjustments, but companies need to be willing to dedicate the resources required to protect themselves from the breaches they themselves see as likely, if not inevitable.”
U.S. executives identified several ways by which the risk assessment process insurers use could improve. Twenty-nine percent said insurers should provide clear guidelines about how premiums are chosen, 28 percent would like clearer communications as to why premium adjustments happen and 23 percent would like insurers to introduce an industry standard for benchmarking cybersecurity risk.
Ovum conducted the survey for FICO through telephone interviews with 350 CXOs and senior security officers based in the U.S., Canada, the UK and the Nordics in March and April 2017.
Click here to register for a white paper on “What the C-Suite Needs to Know about Cyber Readiness.”