The surge in cyber insurance uptake underlines the attention cyber risk is now getting in the Boardroom and a greater understanding of cyber security issues across British industry.
There is an expectation the cyber insurance market is set to grow significantly throughout 2015 and beyond. In principle, the growth of cyber security insurance is very welcome especially if it grows alongside better corporate risk mitigation strategies, to avoid it offering a false sense of security.
It’s important to remember that insurance is no cure-all and remedies under a contract may form part of, but should not be considered to be an entire risk mitigation strategy. While cyber insurance may offer the opportunity for those hit by cyber attacks the opportunity to recoup some of their monetary losses, little can be done to repair the reputational damage brought by a data breach, the negative impact on trust and lost Intellectual Property.
Despite an increasing awareness of cyber and data security issues across British firms, what we are seeing is that this awareness isn’t necessarily being coupled with practical or educational expertise on the subject.
Some firms have taken strides towards cyber security but often fail to cover all aspects of the threat. Greater awareness and interest by the Insurance industry should encourage more companies to include cyber security as a key risk and, hopefully, extend this awareness to supply-chain resilience, third party providers, and their own employees.
The old adage that prevention is better than a cure may be a simplistic way to encapsulate the issue, but it does provide a lens for a firm to consider their Cyber risks.
Undoubtedly, security begins with self-education, and by qualifying your company’s current capabilities and resilience to protect against cyber-risks.
The first port of call for any cyber-aware firm needs to be a strict and dynamic cyber security strategy and this strategy should be underpinned by appropriate insurance”
Richard Pharro is CEO of APM Group.