High-profile hacking events this years is not only directly costing million of Euros to the affected companies, it is also affecting the rest of us. Reuters recently published an article stating that cyber-insurance premiums are on the rise to the point that some companies are struggling to find the money to buy appropriate coverage. Insurance companies are also being more selective with the policies they offer, and might impose maximum payout ceiling on risky companies. This year we also had the very publicised case in the USA, where the insurer claimed that its client didn’t have the appropriate security controls, therefore, didn’t qualify for insurance protection according to the contract.
Investing in an appropriate security strategy not only can lower the insurance premiums but it can also help to select the appropriate cyber-insurance policy. Unfortunately, is estimated that only 2 percent of UK companies are insured against the consequences of cyber-attacks. The UK government estimates that up to 60% of small businesses and over 80% of large businesses had data breaches in 2014.
Although we cannot do much against the rising costs of insurance, we can still minimise the risks by having an effective IT Security policy in place.