Cyber Insurance Rates Hiked
US companies have suffered numerous high-profile attacks in the past couple of years, from Sony Entertainment to Target. Even the government has been victimized more than once, most recently losing credit card data.
It comes as no surprise, then, that insurance companies are raising rates commensurate with the new risk. According to Reuters, insurance companies are not just raising regular rates, but also deductibles, as well as limiting damages to $100 million in some cases.
Depending on their nature, data leaks can easily cost more than $100 million to repair – from compensating customers to upgrading infrastructure. Depending on contract situations, data leaks can incur a great deal of liability for a given firm, and this could add up to far more than $100 million over the course of several large clients. For instance, the Target breach cost in excess of $200 million, according to one report.
Health insurers appear to be suffering the worst of it, with some premiums increasing by as much as 300% when renewal time comes, according to Bob Wice of Beazely Pic, a cyber insurance practice. These companies are paying for the mistakes of Anthem Incorporated and Premera Blue Cross, two insurance companies that were hit relatively recently with major data leaks.
Companies have a new opportunity to sell coverage to companies across the spectrum, but cyber risks are unpredictable even in comparison to natural disasters. A cyber risk doesn’t rely on a certain climate, and an exploit can be used within hours of it getting into the hands of an attacker.
In the end, there’s never a way to be sure something is safe and sound. With a building or a vehicle, reasonable steps can be taken to ensure that the asset is relatively protected from some predictable demise. In order to audit the cyber security of a client would require whole new divisions at some insurance providers.
Recent years have led to everyone taking computer hacking, once considered the domain of teenage hackers in their bedrooms, a lot more seriously. Governments have crafted national security policy around computer security, and now insurance companies are restructuring their plans in accordance with good cyber hygiene.
Target, for one, has struggled to find a good provider at the rate it is looking for, knowing that its previous breach was so expensive. It seems the most it might ask for in the event of another breach is half of what the previous one cost. With any luck, this will lead to companies like Target taking computer security much more seriously and investing there so as to avoid needing an insurance company in the first place.
Image from Shutterstock.