The increase in cybercriminal activity has sparked an interest in cyber insurance coverage. Cyber risk professionals are beginning to place more emphasis on educating insurance agents and brokers as well as business owners on cybercrime and cybersecurity. David Derigiotis, director of the Professional Liability Center of Excellence at Burns & Wilcox, explains that cyber policies are unique and complicated, making it necessary for the insurance industry to help businesses understand the complexity of cyber risks. He also explains how to tailor cyber coverage specifically to the needs of the client. As the average total cost of a data breach continues to escalate, cyber insurance is predicted to follow – growing from $2.5 billion to $7.5 billion in the next four years. Despite this growth in cyber insurance premiums, there remains a “lack of understanding regarding cyber liability policies and deficiencies in the industry’s ability to convey the true value of cyber products to clients.” As a result, it is pivotal that insurance professionals understand the complexity of these issues, which will in turn lead to a solid cybersecurity foundation among business owners and risk managers.
Cybercriminals are constantly evolving their tactics and methods of attack as the scale of cybercrime increases in size, volume and sophistication. This further emphasizes the importance that insurance agents and brokers fully understand cyber liability to help tailor a policy that addresses the cyber risks of each individual organization. Derigiotis gives us three of the most pressing cyber threats businesses face today:
EMV and its effect on e-commerce: As the United States shifts from magnetic strip credit cards to chip-and-signature technology, cybercriminals will likely drift away from exploiting card-present transactions to card-not-present transactions, specifically ecommerce purchases. This transformation will increase the need for organizations that do business online to fully understand the risk they will soon face. It is imperative that the insurance industry educates those in ecommerce on the importance of sound cybersecurity practices as well as the need for cyber insurance coverage.
Healthcare breaches accelerating: While 35.5 percent of all data breaches are targeted at the health care industry, 66.7 percent of all compromised records involve health care related data breaches. Personal health care information has a much longer life span on the dark web when compared to stolen payment data and personal health care information can be worth 10 times more.
Growing Internet of Things: New (and unexpected) devices are constantly being connected to the internet and with each other. In fact, Cisco estimates that the number of devices connected to the Internet of Things will reach 50 billion by 2020 – up from 15 billion today. “This type of interconnectivity creates new entry points to an organization and expands the perimeter that must be constantly protected,” explains Derigiotis. With the Internet of Things increasing at such a rapid rate, and employees using more devices to connect to company cloud servers, cybercriminals will have increased access to valuable customer data and private company information. This only further exemplifies why the insurance industry must understand cyber risk and where the threats are coming from.