63% OF ORGANISATIONS DON’T BELIEVE INSURERS WOULD HONOUR A CYBERSECURITY CLAIM
Confidence is so low that 32% of UK businesses don’t even bother with cyber liability insurance
A study has revealed that the UK is facing a crisis of confidence in its insurance sector. Speaking to 250 security professionals at this year’s Infosecurity Europe exhibition, very few have faith in cyber liability insurance, with 63% of respondents believing insurers would not actually honour a claim if one was made. In fact, trust is so low that 32% of UK businesses don’t even bother seeking this increasingly vital cover. With the costs of data breaches on the increase, costing an average $145 per record breached (according to recent figures from Ponemon Research ), organisations could find themselves not only out of pocket, but out of business if the worst should happen.
Jim Tyer, EMEA Channel Director for AppRiver – the cloud-based email and Web security specialist, said, “It’s alarming the high percentage of people who have little to no faith in the insurance industry. That said, and playing devil’s advocate a little, with as many as 91% of organisations claiming to have suffered a cyber attack [according to another report], perhaps the insurance sector should issue a collective sigh of relief that nearly a third of organisations aren’t seeking cover!”
The study, sponsored by AppRiver, found that, amongst those respondents whose organisations were covered by cyber liability insurance (just 18%), special measures had been introduced as part of the policy requirements in 38% of cases. Just under a third (32%) said that this had not been necessary, with 39% unsure.
Tyer added, “An interesting calculation is that the probability of special measures being a requirement is at least one in every four policies. What this means for those respondents we spoke with during the show who were either unsure if their organisation had cover, and even those that did have cover but were unsure if they’d had to do anything different, 28% would find their policies (if they have one) invalid due to this mandate. That’s worryingly high.”
None of the respondents spoken with, who had cyber liability insurance, had had to make a claim on their policy. Tyer adds, “While this could be viewed as positive, it did raise two thoughts. Firstly, it means there’s no reassurance for the 63% of respondents whose faith in insurance is non-existent, unfortunately. However, more importantly, the likelihood that no-one has suffered a breach is unlikely meaning either a percentage of people lied, hadn’t made a claim even though they’d suffered a breach or, in my opinion the most probable, are blissfully unaware of their current security posture! Not a particularly comforting thought.”