INSURING FOR A CYBER BREACH
As we have seen from the many frequent and damaging attacks to hit the headlines in recent years, cyber crime and data breaches are some of the fastest-growing threats that businesses face. From the small ‘one man band’ to the multinational organisation, this threat looms large.
Common types of attacks include DDos, phishing scams, internal malfeasance and malware. Firms can always do more to protect their assets, be they intellectual property, customer data or their staff’s personally identifiable information.
First, companies should ensure that they are compliant with existing cyber security legislation. Engaging employees at every level of the organisation, from senior management to the ‘coal face’, will ensure that cyber risk management is not only taken seriously across the board, but is also considered a firm wide issue, rather than just an IT concern.
It would also behove companies to share attack data with the rest of their industry. A lack of information sharing can create knowledge gaps. Disseminating data helps other organisations understand the threats posed by cyber criminals and how to counter.
Adopting a holistic approach
Companies need to do more to protect themselves and their assets since it is extremely likely they will be breached in the future, if they have not already. Indeed, no company can ever be completely isolated from the threat of a cyber breach. As such, companies must take several steps when breached, from owning up to any attack they have suffered, to mitigating the damage done in the aftermath Companies must have contingency plans in place for when a breach occurs. They should also have adequate cyber insurance in place.
From a little known market a few years ago, cyber insurance has grown exponentially. The US market alone was worth around $2.5bn in 2015. PwC estimates it will be worth around $7.5bn by 2020.
Jan-Mar 2017 Issue
Richard Summerfield