Business take-up of cyber insurance set to rise dramatically as next generation threats present fresh challenges
Specialist insurer Allianz has warned that businesses have to ready themselves to face the next generation of cyber threats.
And it added that more and more companies will opt for specific cyber insurance policies, but these must be used hand-in-hand with improved IT security procedures.
The warning came in a new report from Allianz Global Corporate & Speciality (AGCS).
It said that today’s cyber risks are evolving far beyond the data breaches, privacy issues, reputational/operational damage, business interruption and even potentially catastrophic losses that businesses are traditionally facing today.
Instead, future threats will come from intellectual property theft, cyber extortion and the impact of business interruption following a cyber-attack or from operational or technical failure.
And the threat is real and growing.
The report cited research from CSIS/McAfee that found that currently cyber-crime alone costs the global economy approximately $445 billion (£290bn) a year. In the UK alone, the cost of cyber-crime is an estimated cost of $4.3bn (£2.8bn).
Businesses will therefore have to increasingly consider special cyber insurance policies because of tougher data protection rules, but these insurance schemes must be used in conjunction with improved IT security, said Allianz.
Earlier this year, a government report found that British companies are putting themselves at significant risk due to a lack of proper insurance protection against the effects of cyber-attacks.
That report, published in conjunction with insurance brokers Marsh, found that only two percent of large British firms have protection against cyber-attacks, with almost no small businesses set up in case of emergency.
“As recently as 15 years ago, cyber-attacks were fairly rudimentary and typically the work of hacktivists, but with increasing interconnectivity, globalisation and the commercialisation of cyber-crime there has been an explosion in both frequency and severity of cyber-attacks,” said AGCS CEO Chris Fischer Hirs.
“Cyber insurance is no replacement for robust IT security but it creates a second line of defence to mitigate cyber incidents,” said Fischer Hirs. “AGCS is seeing increasing demand for these services.”
Currently it seems that fewer than 10 percent of companies are currently purchasing cyber-specific policies. But AGCS forecasts that cyber insurance premiums will grow globally from $2 billion (£1.3bn) per annum today to over $20 billion (£13bn) over the next decade.
“Growth in the US is already underway as data protection regulations help focus minds, while legislative developments and increasing levels of liability will see growth accelerate in the rest of the world,” said Nigel Pearson, cyber insurance specialist at AGCS.
“There is a general trend towards tougher data protection regimes, backed with the threat of significant fines in the event of a breach,” said Pearson. He cited Hong Kong, Singapore and Australia are example of countries already enforcing new laws. The European Union meanwhile is looking to agree pan-European data protection rules.
Are you a security pro? Try our quiz!