Security professionals would not bother getting cyber insurance, as two-thirds believe insurers would not actually honour a claim if one was made.
A survey of 250 security professionals by AppRiver found that 32 per cent of UK businesses don’t bother seeking this increasingly vital cover, while two-thirds (63 per cent) believe insurers would not actually honour a claim if one was made.
Jim Tyer, EMEA channel director for AppRiver, said: “What this means for those respondents we spoke with during the show who were either unsure if their organisation had cover, and even those that did have cover but were unsure if they’d had to do anything different, 28 per cent would find their policies (if they have one) invalid due to this mandate.”
Gartner research vice president Paul Proctor said in 2012 that Gartner had “extraordinary difficulty in finding claims”, and suspected that claims often end in negotiated settlements so no one will talk about it. Proctor said that there is a danger of “buying into the sales pitch”, as the biggest factor is insurance companies investing in marketing meaning that you rarely see something written by someone who has a background in cyber insurance.
None of the respondents spoken with, who had cyber liability insurance, had had to make a claim on their policy. Tyer said: “While this could be viewed as positive, it did raise two thoughts. Firstly, it means there’s no reassurance for the 63 per cent of respondents whose faith in insurance is non-existent, unfortunately.
“However, more importantly, the likelihood that no-one has suffered a breach is unlikely meaning either a percentage of people lied, hadn’t made a claim even though they’d suffered a breach or, in my opinion the most probable, are blissfully unaware of their current security posture! Not a particularly comforting thought.”
Beth Diamond, leader of the claims management team for privacy liability at the Beazley Group, told IT Security Guru that there is more penetration into the market to accomplish, and she saw see new insured companies looking at risk regularly, but too often it was after having suffered a breach and been without cover or assistance in responding.
Commenting on the 63 per cent statistic, Diamond said she “smiles each time I am asked this question”.
“I have been handling cyber claims from my earliest time at Beazley, and can tell you from personal knowledge that not only have we paid out and continue to pay out material sums on cyber matters, but I have handled personally the largest cyber claims impacting Beazley insured’s, paying seven and eight figure sums (sometime policy limits) on cyber matters,” she said.
“I suspect that the media surrounding coverage disputes on cyber claims has created confusion about coverage generally for cyber, but cyber coverage from Beazley is real. That does not mean it is the proverbial ‘blank check’, and it is important that insured companies understand how coverage works, and how to maximise the coverage available, but the coverage is there and it is real.”