A year on from Brunel’s initial anticipation of strong growth in the demand for Cyber Liability Insurance, there has been a steep rise in the number of cyber attacks and data losses around the world.
As the global economy begins to fully embrace the technological revolution, this emerging risk is being pulled to the forefront of corporate minds. The Allianz Global Corporate & Speciality‘s most recent risk barometer survey ranks cyber-crime 5th in its top 10 business dangers for the UK, closely followed by loss of reputation or brand value at number 6.
As the Internet evolves, the sheer volume of cyber crimes grows and exposes businesses to new threats on a daily basis. Businesses are at risk 24 hours a day, 7 days a week with hackers across the world being able to target them at any time of the day. Large blue-chip companies can often be a focal point of such attacks, as seen recently with the Sony Pictures incident where very sensitive data was leaked publicly.
The latest incident in the public eye is that of top 50 broker Staysure. Hackers hit the insurance broker which held over 3 million customer records including personal data such as credit card details and medical records. Due to the company failing to keep the data secure, hackers had access to 100,000 credit card details, thousands of which were used for fraud. The Information Commissioner’s Office (ICO) has issued Staysure with a £175,000 fine which they believe fits the severity of this exposure. The incident occurred when Staysure failed to update and maintain their security systems – a fundamental procedure for any company which transacts business online. Unsurprisingly this major flaw in the business led them to breach the Data Protection Act and the penalty incurred by the ICO should set a precedent for future negligence of this nature.
Attacks can happen in a myriad of ways including hacking, theft of computers and software viruses/malware. The 2014 data breach report by Verizon shows more than 1,300 confirmed data breaches as well as more than 63,000 reported security incidents which highlight the clear need for professional’s awareness of cyber crime.
Business interruption and brand reputation are just two areas in which a Cyber liability insurance policy can help to protect businesses. It is a common misconception that only large organisations suffer losses of this nature but in fact smaller businesses can be even more at risk.
Hackers are aware that smaller companies will often have lower levels of online security, and hackers are not concerned that their attacks can not only ruin brand reputation but also the livelihoods of those involved. Surviving cyber hacks can be a serious issue for a smaller company. It can be financially crippling to get back up and running.
Symantec reported that over a third of global targeted attacks were aimed at businesses with less than 250 employees.
“Cyber risk will certainly be one of the biggest challenges to the insurance market in 2015. Cybercrime is a moving beast, making it impossible to quantify the risks neatly or to calculate them in an informed or consistent manner.” Said Shaun Crawford, global head of insurance at Ernst & Young.
Benchmarks have not yet been established to determine the level of cover firms should look to carry for this area of risk or whether they should be a regulatory requirement for certain professions. The EU General Data Protection Regulation (GDPR) is set to pass through the European Parliament in 2015 which will change the stance of insurers once the initiative to simplify data protection comes into action.
John Stagg, Associate Director at Brunel comments, “Often the news headlines will highlight data breaches that multi-nationals face whilst ignoring the genuine threats to smaller businesses. Once your data has been breached hackers have access to a wealth of personal and private information about your clients, including addresses and bank details. Recovering from a data breach can cost companies thousands of pounds in fines and lost reputation. It can effectively cost you your business. Cyber liability exposure is unquestionably real, relevant and here to stay.”
Using the right specialist broker is vitally important; most Cyber liability policies cost a fraction of Professional Indemnity Insurance and is a key protection for businesses of any size.