Sunday, June 20, 2021

Managing Digital Risk with Cyber Insurance

SAN FRANCISCO — Since there’s no way to completely eliminate security

risks, a panel of industry players here at the RSA Conference said

insuring against cyber attack or network downtime is the course that a

growing number of companies are taking.

”Cyber insurance will become as ubiquitous as automobile insurance,”

said Erin Kenneally with the San Diego Supercomputer Center. ”There’s no

such thing as complete security. It just doesn’t exist… With automobile

insurance and cyber insurance, both mitigate loss and damage.”

Digital losses generally are not covered under most corporate insurance

policies, and that leaves companies open to suffering great financial

damages with no safety net in place.

”If people filed a claim on their property insurance for an automobile

accident, it would be denied,” said Mark Silvestri with CNA Insurance.

”The same situation exists in the cyber world… There is coverage

against employee theft, property and valuable paper, but cyber loss is

not covered under those policies because it’s not tangible. We needed

something that filled in the gaps.”

David Navetta with AIG Insurance says cyber insurance policies range from

Information Asset Coverage to Electronic Theft and Cyber Extortion

coverage.

But Navetta quickly pointed out to the conference audience that insurance

is not a substitution for having strong, layered security in place.

”Insurance is not intended to replace technology,” says Navetta. ”We

are trying to weed out the companies that don’t have the security in

place that they need… If you don’t have security, you’re not getting

insurance.”

Navetta said he wasn’t in a position to say exactly what types of

security technologies companies need to have, but did say that insurance

agents put potential clients through a thorough interview, checking for

policies and policy enforcement, along with an overall attitude toward

security.

”At this point in the industry, we’re getting a lot of submissions,”

notes Navetta. ”We’re trying to get the good risks right off the bat,

and as the industry grows, we’ll try to get some others.”

He adds that as an increasing number of insurance companies get into the

cyber arena, insurers will be forced to accept companies with more risk,

and also will have to lower their prices.

Silvestri says they have been seeing a ‘noticeable uptick’ in cyber

insurance business, and he expects that trend to only pick up.

”Now they realize hacking events aren’t just nuisances,” says

Silvestri. ”Now they’re worried about serious economic loss. And that

will drive them to buy coverage.”

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...