Cyber Insurance and the Continuing Threat of Attacks

Cyber attacks continue to make the news, but more importantly, they are a growing concern and a growing cost to many companies in the US and abroad. Cyber crimes have caused a rise in the sale of cyber insurance due to the escalating frequency of attacks that have even posed a growing threat to our national security from attacks within and outside of the country.

The continued occurrence of serious data breaches, including the Sony Pictures hack that resulted in the canceled theatrical release of “The Interview“, a satirical film about North Korean leader Kim Jong-un, and the Home Depot, Staples, and Target data thefts, impacting hundreds of millions of consumers and several financial institutions, has certainly brought to the forefront the many complex issues of cyber security and the protection of sensitive personal information.

Because of the many high-profile cyber incidents that occurred in 2014 agencies have seen even more of a demand to provide their clients with options on coverage to help pay the costs of these expensive breaches for everything from point-of- sale (POS) breaches against customer accounts to targeted denial-of-service attacks intended to disable a company’s network and cause wide-spread panic.

Most companies turning to cyber solutions to help pay costs

Insureds sought financial protection through insurance in larger numbers, due in part to the attacks against major companies. Meanwhile many smaller businesses were overwhelmed by cyber theft occurrences in medical offices, retail sales divisions, and a host of other outlets. In 2014 alone, the number of U.S.-based Marsh clients purchasing standalone cyber insurance increased 32 percent over 2013, according to the report Benchmarking Trends: As Cyber Concerns Broaden, Insurance Purchases Rise, by Marsh USA.

Most of these large breaches drew attention for their effect of raising the level of attention given to cyber risks within companies, and for spurring changes to payment card systems in the U.S. and beyond. Along with any disruption resulting from cyber crimes and the ensuing reputational damage, many companies experiencing a data breach could also find itself attracting the unwanted attention of regulators, including the Federal Trade Commission.

Insurers responded to this demand by offering broader cyber insurance coverage in 2014, including coverage for contingent business interruption (CBI) and cyber-induced bodily injury and property damages and this trend has continued throughout the first quarter of 2015.