You won’t want to let this policy lapse

By Richard Arneson

If statistical models and tables can be built to address it, there’s probably insurance to cover it…whatever it is. It can be anything from protecting against an automobile-winning hole-in-one at a company golf tournament, to fingers in the event you’re the lead guitarist of The Rolling Stones. The list is seemingly endless, and also silly, at times. Oscar-winning actress Shirley MacLaine allegedly has insurance to protect against alien abduction, and Lloyd’s of London, the king of the odd insurance policy, once offered—and sold—policies to protect movie-goers against death by laughter. Seriously. So, it should come as no surprise to learn that companies can now insure against cyber threats.

According to Rob Smart of Mactavish, a firm that works with many of England’s largest property & casualty insurance companies, said that it’s rare when a customer doesn’t inquire about cyber insurance. Many analysts believe the current cyber insurance market will double in the next eighteen (18) months, from $4 billion to $8 billion in premiums.

While it doesn’t get a lot of press, cyber insurance is more developed in the U.S. than in any other country due, in large part, to 2003 California legislation that requires firms to disclose information related to large data breaches. Many other states have followed suit. Europe is quickly ramping up, too, as a result of privacy and reporting laws that are now even stricter than those in the U.S.

Pricing the premiums proves problematic

The trickiest part of the equation for insurance companies is determining how much to charge for premiums. Basically, all software contains bugs, and many of them weaken and open the door for hackers. And, unlike most other industries, insurance companies don’t have a lot of historical data about cyber threats and attacks from which to pull. And the pace of technological change makes it especially vexing considering future threats are just that—in the future. The most savvy of experts can’t imagine or anticipate every danger that will surface down the road. When a company purchases a garden-variety property & casualty insurance policy, for instance, there is a ton of historical data that helps insurance companies know which events threaten a company and which ones present liability exposures.

Threats don’t discriminate

Another difficulty for insurance companies stems from the fact that cyber attacks don’t work independently. If a company is covered against hail in Texas, it won’t affect the insured in other parts of the country. But a software flaw can make all users immediately at risk, regardless of their location, industry or size. Take, for instance, 2017’s Wanna Cry Ransomware attack. A software vulnerability ended up affecting a quarter of a million computers spanning the globe. It didn’t matter who they were or where they were located.

And if the insurance company hasn’t properly calculated risks and, as a result, has undercharged for premiums, they’ll be left paying out more than they’ve taken in. And insurance companies don’t like to do that.

Here’s another way to protect against cyber threats

To find out how to secure your organization’s network and protect its mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, check out the following articles:

But it’s just so exciting!

The technology arms race just got amped up

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware