If your house is broken into you have insurance to cover the loss. If your car is damaged you have insurance to pay for it. If your business sets on fire you have insurance to cover the costs, but if systems get hacked and you lose a lot of valuable data do you have insurance? In most cases, the answer is no. However, more and more businesses are starting to understand the value of cyber-insurance but is the high cost of this almost invisible insurance policy really worth it?
Because of a number of high profile hacks, more companies are purchasing cyber-insurance but as demand has increased, premiums and deductibles have also soared. As a result, the potential value of purchasing this type of insurance depends on your business size, the risk factor and the current security protocols in place.
As with your home, when taking out a cyber-insurance policy, you will be asked a lot of questions to estimate the costs of a breach. These will focus on the type of data you have and the security systems already in place. In some cases, there can be more than 300 questions to tackle. This is not the most accurate way of calculating risk but the lack of cyber security professionals means insurers can’t afford an expert assessor. This can make the process of securing cover extremely drawn out and complicated.
What sector your business is in will have a strong relation to the cost of the insurance premium. AIG for instance, only offer policies to the top global banks, which are famed for having invested heavily in their cyber security departments. In the retail sector, prices have been hiked following attacks on Target and Home Depot in 2014. In the case of Home Depot, costs of $232 million were incurred in the attack but only $100 million is expected to be returned. The cost of insurance can clearly vary hugely between industries and those that have better security systems are more likely to get an affordable policy.