Carl Leonard, principal security analyst for Raytheon|Websense Security Labs, a leading cyber security firm, said in the company’s 2016 Security Predictions
that the cyber insurance market is in for a volatile 2016.
“The cyber insurance market will dramatically disrupt businesses in the next 12 months,” Leonard said.
“Insurance companies will refuse to pay out for the increasing breaches that are caused by ineffective security practices, while premiums and payouts will become more aligned with the actual cost of a breach.
“The requirements for cyber insurance will become as significant as regulatory requirements, impacting on businesses’ existing security programs.”
The report predicts that insurers will begin to start understanding the scope of cyber risk in better ways as the experts “we expect to see an increasing sophistication in the way the risks associated with a cyber breach are factored into policy cost, just as a driver’s safety record and driving habits are factored into the cost of an automotive policy.”
“Insurance companies may even turn to intelligence and security companies to help provide actual data on attacks to develop more consistent, specific actuarial tables and different rating for companies,” the report continues.
After a rough 2015 for the cyber market in terms of data breaches, the report predicts a similar outlook for the coming year.
“2015 was a tough year for breaches and the trend for 2016 looks to be no better,” the report states.
“Against this backdrop is the gradual realisation within corporations that the value of their company’s data is a large part of corporate assets, and a huge potential cost during a cyber event.
“Indeed, for some information-centric companies, a data breach can be the largest single risk for business continuity, especially when considering the potential of downstream liability from loss of personally identifiable information.
“Such losses comprise not only that data related to customers, but also to employees.”
The report issues advice to companies that brokers would be well suited to pass on to clients with cyber issues as better training could lead to a safer business.
“Regularly training employees to be smart with email attachments and browsing behaviour will be increasingly tied to the bottom line as such programs will be reflected in lower insurance premiums due to reducing their risk of breach.
“Ultimately, cyber insurance will drive better companies to adopt security postures to handle threats.”
Cyber insurance could “dramatically disrupt” businesses over the next 12 months according to one expert.