Cyber-security and insurance make the perfect partnership. Cyber crime is growing rapidly. Indeed, there has been a 67% increase in security breaches over the last five years according to the 2019 Cost of Cybercrime study from Accenture. Based on the statistics in this report, there is no doubt about the need to increase cyber security. Firms must take action to prevent the attacks happening in the fist place. But what if they do? Cyber criminals are often one step ahead of the preventative activities, so having the right insurance in place as well just makes sense.
This info-graphic from the Accenture study highlights both the diversity and growth of cyber threats:
The significant growth in ransomware attacks shown above was also underlined in the report from McAfee that uncovered Ransomware Resurgence.
The Forbes Article, Cybersecurity Trends and Best Practices outlines some sensible best practices that should be introduced to reduce business vulnerability to cyber-attacks. Notwithstanding all these preventative actions, the article author still maintains “Losses are inevitable, no matter how much a company tries to shield itself from cyber attacks”. This is where insurance comes in.
There is common agreement that it is impossible to stay ahead of people wanting to do malicious damage. One of the key findings of the McAfee report was that cyber criminals are adopting new tactics and code innovations. Taking as much preventative action as possible is essential, but so is having protection in place if the worst happens.
The first step appears to be ensuring Business Leaders take this threat seriously. The article AXIS challenging cyber risk perception quotes a report that found most executives are spending less than a day on cyber-risk. Most seem to be working on the premise ‘it won’t happen to us’.
Quoted in this same article, Andrew Maher, a senior underwriter in the cyber division of AXIS said “everybody is going to have a breach and it’s not a question of ‘if’ but ‘when’.” Whilst this may be an overstatement, it really does make sense to get protection in place. Why take the risk? One of the Top Four Security Predictions for 2020 is that cyber insurance will gain adoption. Makes sense to me.
The risk of not having cyber security and insurance
We started this blog with the premise that cyber security and insurance together make a great partnership. However, we have also noted that many business leaders are not taking the threat seriously. On that basis, it is worth concluding with a cautionary tale from Travelex. The title of the press coverage says it all, Travelex Cyber-attack underlines the need for business to mitigate risk. Over the New Year Travelex, which has more than 1,200 branches and 1,000 ATMs spread over 70 countries, suffered a hack in which the gang demanded payment of £4.6 million and threatened to release up to 5GB of customers’ personal data. Cyber attacks are certainly not just threats, they do actually happen.
At the tail end of 2017, we outlined the opportunities for the insurance market in our blog Emerging Technologies – risk and opportunity. In this we highlighted that, with increased dependence on new technology, comes the increased possibility of cyber-attacks. Two years on and these threats have increased, so let’s hope Business Leaders start to take notice.