Insurance Against Cyber Attacks Gains Steam Alongside Rising Risk
San Antonio—The news spotlight has shifted away from cybersecurity concerns in the weeks since the outbreak of the WannaCry cyber-hack.
But Bill Kelly, senior vice president for underwriting at insurer Argo Pro in San Antonio, says the threat of cyber attacks is ever present. “There’s many you don’t hear about because companies don’t want to publicize them and it’s not legally required to report every incident,” he says. “As more and more people and devices become ‘connected’ and companies and economies continue to advance technologically, the exposure to cyber incidents will grow and opportunities for criminals and hackers will increase.”
On Friday, British security officials concluded that a North Korean-affiliated group was responsible for the WannaCry virus last month, according to media reports. The National Cyber Security Centre, which is affiliated with the British intelligence agency GCHQ, believes that the Lazarus Group was behind the ransomware which, most prominently, affected Britain’s National Health Service. Lazarus is also believed responsible for the 2014 hack of Sony Pictures.
Such deliberate efforts to use cyber tools to disrupt business activity, the delivery of healthcare, and other crucial commercial interactions will continue to be part of the risks companies must plan for, Kelly adds. And insurance companies like Argo are developing software tools to help business assess those threats in order to offer insurance policies specifically targeted to cyber insecurity.
Traditional errors and omissions insurance policies don’t explicitly say that customer data is protected, Kelly says, such as personal tax return information that is taken through a cyber attack or even taken from a laptop that the customer left in the back of a taxi, for example. “We rewrote all of our forms,” he says. “ We thought, let’s just explicitly say it.”
Cyber insurance is a growing market. According to the Insurance Information Institute, more than 60 carriers now offer stand-alone cyber insurance policies, with about $3.25 billion in gross premiums underwritten last year in the U.S.
Argo is a mid-sized insurance carrier and sells cyber insurance as a secondary, or “excess,” layer of insurance on top of other coverage. That means … Next Page »