Cyber Insurance – Is it Enough?
The Cyber Insurance Landscape
There are a number of reasons businesses decide to buy cyber insurance. Recently, many have been influenced by highly-publicized data breaches, such as the Equifax intrusion. However, while the high-profile breaches always involve huge enterprises like Equifax and Target, the fact is that 55 percent of small businesses in the U.S. have reported that they’ve experienced a data breach, and 53 percent have reported that they’ve experienced multiple breaches. Clearly, all businesses are at risk, regardless of size.
Despite this, a full 50 percent of U.S. firms do not have cyber risk insurance and 27 percent of U.S. executives say their firms have no plans to change this, even though 61 percent of these same executives expect cyber breaches to increase over the next year.
The Services Offered
There are several major reasons a business might want to purchase cyber insurance. While policies differ, here are some of the services a cyber insurance policy may provide:
- Business restoration: After a breach, it can cost serious money to put your business back together.
- Liability protection: A breach can cause damage to both things and people. For example, when Heartland Payment Systems was breached in 2008, the financial costs to Heartland’s financial partners (banks) and customers (merchants) was enormous.
- Notification of customers: Your insurance company can help you with any government-mandated customer notifications, often a very time-consuming and error-fraught process. The last thing a company needs after a breach is to be found non-compliant by one or more government agencies.
- Protection against third-party lawsuits: Once a breach is discovered and disclosed, the plaintiffs are likely to come crawling out of the woodwork. Some will be legitimate and some will be bogus, but cyber insurance can protect a business from most of them.
- Identity protection: It’s not just outsiders who can be hurt. Company insiders and employees could be at risk of identity theft due to the illegal acquisition of company personnel data. Some cyber insurance policies will provide identity recovery and protection services to company officers and key employees.
So Why Is Usage So Low?
According to CFO online, there are several reasons companies are hesitant to purchase cybersecurity policies.
- Lack of clarity in what the policies cover: Insurance policy language is difficult to understand, and it’s not uncommon for determination of liability to require litigation. To businesses, this greatly reduces the value of the coverage.
- Concern over potential coverage gaps: The tactics and capabilities of hackers are ever-evolving. Companies are concerned that even if they pay a high premium for “comprehensive” coverage, the very uniqueness of an attack may leave it out of the protections included in the policy language.
- Low assessment of the financial risk involved: Whether correct or just wishful thinking, many companies feel that their data just isn’t worth enough to insure.
Conclusion: Where do companies turn?
Just as hackers are getting more sophisticated, so are the tools being utilized to stop them. If the usage figures above are to be believed, it’s fair to conclude that most companies have a high degree of confidence in their cybersecurity software. They’re subscribing to the notion that the best way to protect against damage from a data breach is to prevent the breach in the first place. Solutions available today like what we offer at SentinelOne can provide best in class protection, detection, and remediation to keep attackers at bay. However, in the event an attack is successful one of the unique features that we offer here at SentinelOne is our Cyber Warranty to help mitigate some of the financial impact on our customer.
The insurance industry has a long way to go when it comes to offering clear, understandable and comprehensive cybersecurity policies. Until they get there, it’s nice to know that you can minimize your need for cyber insurance by selecting the right cybersecurity vendor.
Want to learn more about SentinelOne?
Request a demo today by Clicking Here! and see how SentinelOne can help keep you #cybersecure
Let’s Stay in Touch!
Subscribe to our blog above and get content delivered straight to your inbox or follow us on LinkedIn, Twitter, and Facebook to stay up to date on the latest news in cybersecurity!