Continued and sustained cyberattacks
are having a ruinous effect on enterprises and driving up the cost of
incident response. With over 900 million reported records exposed in
2014, more companies are seriously starting to consider transferring
risks to insurance providers. Despite growing awareness of vulnerability
to breaches and risk management strategies however, less than 20% of
large enterprises avail themselves of cyber insurance. For small- and
medium-sized enterprises, the percentage is even lower, at less than 6%,
according to ABI Research.
KPMG also found similar results in their research. A survey of senior information security professionals from organisations which are members of KPMG's International Information Integrity Institute revealed 74% of businesses have no cyber insurance. This was despite the same survey also found that 79% of companies believe that cyber threats are likely to increase in the next 12 months. At least half of businesses who took part in the survey believe that a cyber-insurance policy may not pay out when needed.The largest barrier to growth is lack of actuarial data about cyberattacks, but this is quickly changing with continued cyber assaults. Currently, insurers are finding it difficult to assign the proper value to data or systems, or to determine appropriate policies since they are unable to scope the cyber risk environment of an organization.
“More information sharing, and understanding of event impact and the associated longer-term costs (through post-incident analytics, for example) can help remove some of these obstacles. In turn this will drive better policy rates and see the cyber insurance market progressively emerge from its niche, despite being around for over 30 years,” says Michela Menting, Research Director, ABI Research.
ABI Research forecasts the market to hit US$10 billion by 2020. While still a fraction of the total global insurance market, the 36.6% CAGR is highly dynamic. The primary driver for this dynamism is the escalating costs associated with cyber breaches and attacks, pushing risk management strategies to increasingly transfer risks to providers.
Representative image
KPMG also found similar results in their research. A survey of senior information security professionals from organisations which are members of KPMG's International Information Integrity Institute revealed 74% of businesses have no cyber insurance. This was despite the same survey also found that 79% of companies believe that cyber threats are likely to increase in the next 12 months. At least half of businesses who took part in the survey believe that a cyber-insurance policy may not pay out when needed.The largest barrier to growth is lack of actuarial data about cyberattacks, but this is quickly changing with continued cyber assaults. Currently, insurers are finding it difficult to assign the proper value to data or systems, or to determine appropriate policies since they are unable to scope the cyber risk environment of an organization.
“More information sharing, and understanding of event impact and the associated longer-term costs (through post-incident analytics, for example) can help remove some of these obstacles. In turn this will drive better policy rates and see the cyber insurance market progressively emerge from its niche, despite being around for over 30 years,” says Michela Menting, Research Director, ABI Research.
ABI Research forecasts the market to hit US$10 billion by 2020. While still a fraction of the total global insurance market, the 36.6% CAGR is highly dynamic. The primary driver for this dynamism is the escalating costs associated with cyber breaches and attacks, pushing risk management strategies to increasingly transfer risks to providers.
No comments:
Post a Comment