2015 was a very busy year in the cyber realm. As data breaches and other forms of cyber attacks increased in both number and severity, companies ramped up their security measures in response. According to a new report, cyber security will become even more sophisticated in 2016 with cyber insurance moving to a ‘must have’ for most companies. 85 percent of U.S. corporations with at least $100 million in annual revenue have already purchased cyber or data privacy insurance. Of that number, 44 percent have filed a claim after a breach. However, while midsize corporations cite cost as the biggest obstacle to purchasing cyber insurance, both price and minimum requirements are expected to increase in the new year.
Another main prediction for 2016 is that enterprises will have to meet more thorough and specific security requirements to be eligible for cyber insurance. Thus, companies will have to increase their security measures to purchase coverage. This also means that in the future, insurance companies “will refuse to pay for breaches caused by ineffective security practices.” Additionally, Bonnie Gardiner of CIO explains that new “actuarial models” to predict risk will be based on many factors including market cap, risk profile, targeting profile, responsiveness, value of stored data, level of security training for employees and much more. With a more complex tool to gauge cyber risk, more customizable policies can be made for companies.