Upwards of $2 billion was taken in by cyber insurance policy premiums from U.S. companies in 2014, and the number will likely continue to grow in the coming decade as even more companies look to insure themselves from future cyber-attacks. The problem, however, is that many insurers are hesitant to write bigger policies because of the enormous risk of a “mega-loss,” such as the hacks suffered by Target and Ashley Madison, that put both the insureds as well as the insurer at huge risk. “Very few people are able to buy as much insurance as they want,” Weatherford says, indicating that the possibility of a large-scale attack means that insurance companies are not willing to offer policies that cover all of the risk. Businesses are more likely to receive adequate insurance policies if they can show there is a robust defense system in place, according to Weatherford.
Hackers unfortunately realize that the cyber insurance industry has not yet caught up, and many are using the opening as an opportunity to stay on the offensive. The best advice: Stay as up to date on security measures as possible and get the most appropriate insurance policy available to cover any losses.