Will Cyber Insurance Providers Reward Good Security?

Uploaded on 2015-05-01 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

2_454x340.jpg

Last week the chief of Lloyds of London claimed that his business had seen a 50% increase in demand for cyber insurance products in the first quarter of 2015. The UK government working in partnership with insurance broker Marsh in Marsh has highlighted that around 98% of large UK companies have no form of insurance against a data breach or cyber-attack.
There are three key factors that will drive demand for cyber insurance products in the immediate future:
    1. Data breaches are on the rise and more damaging than ever.
    2. Government is backing the UK cyber insurance industry to become a world leader.
    3. There are sweeping privacy reforms underway in the EU.

So what does cyber insurance actually get you? In an article for legal news site Out-Law cyber liability specialist Ian Birdsey of Pinsent Masons explained, “There is a financial indemnity up to potentially significant levels of indemnity or cover in the region of hundreds of millions of pounds; and access to an expert panel of vendors often at preferential rates in the event of a data breach.” He added, “The underwriting process is also likely to focus on various key aspects of risk management.”
That means you can expect to be able to claim for the financial impact of a breach, which seems like a good safety net. But it’s the underwriting process that raises concerns: What are these “key aspects” of risk management? Would a business judged to be less risky qualify for a lower premium?
 
It’s the second question that is of greatest interest to any IT security professional is, who is looking to do the best job for the business they work in. To take car insurance as an example, customers who use a “dashcam” in their cars recording all of their journeys receive a substantial discount on their premiums. The same should surely applies to those organisations whom have made significant investments to reduce their risk of being the victim of an insider attack, malware or hack?
If you’re now considering cyber insurance to help you respond in the event of a breach be sure to challenge that provider to be clear about the steps you can take with your policies or technology to keep your premium down.
Wallix: http://bit.ly/1OLHDdW

« Hacked. Or, How to Become a Four-Star General
How To Hack a Military Drone »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

Secure Identity Alliance (SIA)

Secure Identity Alliance (SIA)

The Secure Identity Alliance is dedicated to supporting sustainable worldwide economic growth and prosperity through the development of trusted digital identities and the adoption of secure eServices.

Solana Networks

Solana Networks

Solana Networks is a specialist in IT networking and security.

Riverside Research

Riverside Research

Riverside Research is a not-for-profit organization chartered to advance scientific research in areas including Trusted & Resilient Systems.

CSC Cyber Games

CSC Cyber Games

CSC Cyber Games is an innovative platform dedicated to empowering individuals with the tools and knowledge to excel in the ever-evolving world of cybersecurity.

Hunters.AI

Hunters.AI

Hunters is the world's first autonomous hunting solution that leverages top-tier cyber expertise and AI to uncover hidden cyber threats.

National Accreditation Authority Hungary (NAH)

National Accreditation Authority Hungary (NAH)

NAH is the national accreditation body for Hungary. The directory of members provides details of organisations offering certification services for ISO 27001.

SaltStack

SaltStack

SaltStack develops award-winning intelligent IT automation software. We help businesses more efficiently secure and manage all aspects of their digital infrastructure.

CyberGuru

CyberGuru

CyberGuru is a service provided by CyberSecurity Malaysia specializing in cyber security professional training and development.

Secure-IC

Secure-IC

Secure-IC provide end-to-end, best-of-breed security expertise, solutions, and hardware & software technologies, for embedded systems and connected objects.

CyberCube

CyberCube

CyberCube provide world-leading cyber risk analytics for the cyber insurance market.

Patriot Cyber Defense

Patriot Cyber Defense

Patriot Cyber Defense is a Cyber Security and Management Consulting professional services firm.

AiCULUS

AiCULUS

AiCULUS is a global technology company that specializes in API security and Risk Management products.

Tetrate.io

Tetrate.io

Tetrate Service Bridge provides enterprises with a consistent, unified way to connect and secure services across an entire mesh-managed environment.

OneStep Group

OneStep Group

OneStep Group are a leading Australian provider of information and communications technology (ICT) services, connecting businesses through technology solutions and support.

Mantra

Mantra

Empower your employees against hackers with Mantra's first all-in-one phishing simulation and cybersecurity awareness platform.