India’s Cyber Insurance Business Is Flourishing

Cyber risk is a major threat to Indian businesses today as companies increasingly face new vulnerabilities due to exposure.

In an exclusive interview with BW Businessworld, Rahul Mohata COO, Ideal Insurance speaks about how organisations can minimise the financial impact due to a cyber-attack if they opt for an insurance, awareness among businesses regarding cyber-attacks and more.

Here are some extracts:

How can organisations minimise their financial impact if they opt for cyber liability insurance?

All businesses now are dependent on the use of technology specially internet and cloud, which makes them vulnerable of cyber-crime and online data theft and misuse.

Cyber liability policies are indemnity policies and cover any loss which may arise because of the peril covered under the policy. The client based on his assessment or legal requirement buys a policy with an indemnity amount. The insurer generally covers privacy breach liability, cyber extortion, business interruption losses, liability from multimedia and public relations costs, legal expenses and data theft liability.

If the data is stolen or hacked, the insurer will pay for any legal cost which the insured pay if there is a suit filed in a court of law. The Insurer will also indemnify the amount awarded by the court of law subject to admissibility of the claim by the Insurer.

Do you see the awareness among businesses regarding cyber-attacks in India?

The 'Internet Security Threat' report that was released in 2013 by Norton (Symantec) has stated India has 42 million cyber-crimes every year. On a regular basis we come across press reports on breach of cyber security by way of attacks such as malware, viruses, hacking, scams, fraud and theft.

Though the large corporates are still aware and work towards cyber security, but the mid-size and small enterprises are highly vulnerable towards such risk due to lack of awareness.

In a data driven world, if a company suffers a data breach but can’t monetise the value of that data, how can this insurance help?

Since the insurance cover is for paying for any legal cost which the insured pay if there is a suit filed in a court of law. The insurer will also indemnify the amount awarded by the court of law subject to admissibility of the claim by the Insurer. Hence, the question of monetising the data does not arise in this case.

Do you believe that companies in India compromise with their cyber security?

There are corporate who have taken this policy. However, there is a huge gap and it is mostly due to lack of awareness and has become obligatory and not mandatory as the check and balances are not yet in place.

How has been the response like especially when MSMEs in India are not very active on this front?

The smaller firms are often hit hardest by a cyber-attack but unfortunately lack of awareness about cyber risk prevents most of the MSMEs in India from adopting key cyber security initiatives. But very soon companies of every size will demand cyber insurance, as most of the businesses are depended on technology.

How do you make this insurance policy customer friendly?

These policies are tailor made and as per requirement of the customers. Cyber risk affects industries such as technology and financial institutions differently so tailor made solutions suiting each client segment is suggested. Due diligence is specially done for companies with internet-related operations and large technology-related and also for those storing a large quantity of customer data.

Cyber-attacks on cloud environments have reached the same level as attacks on traditional IT infrastructures, and it seems likely that the trend towards cyber-attacks on cloud based infrastructures will see further increases. So, do you provide insurance against such attacks?

Yes, covers are available for such risks. In these cases, the cloud based service provider will have to take insurance which will protect him against any perils of cyber-attack and breach which will result in loss to his customers who store their data on their cloud based services.

Since cyber-space has become highly vulnerable, do you believe that some years down the line, there will be a huge surge in such insurance policies?

The cyber insurance market is already flourishing owing to the increase in cyber-attacks. And in the coming years the market is expected to grow at double-digit figure, and a significant surge in demand for cyber insurance policies is also predicted.

Business World

You Might Also Read:

Cyber Insurance Report - 2017/8 (£):

Businesses Need Cyber Insurance – Now:

 

 

« Universities Are Targets For Cyber Criminals
The EU Holds Its First Cyber War Game Exercise »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Defense Media Group (CDMG)

Cyber Defense Media Group (CDMG)

CDMG is the leading global media group for all things cyber defense.

CERT-AM

CERT-AM

CERT-AM is the national Computer Emergency Response Team for Armenia.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

Swiss Re

Swiss Re

Swiss Re Group is a leading wholesale provider of reinsurance, insurance and other insurance-based forms of risk transfer including cyber risk.

Proficio

Proficio

Proficio is a world-class Managed Security Service Provider providing managed detection and response solutions, 24×7 security monitoring and advanced data breach prevention services worldwide.

RunSafe Security

RunSafe Security

RunSafe Security is the pioneer of a patented cyberhardening transformation process designed to disrupt attackers and protect vulnerable embedded systems and devices.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

CTM360

CTM360

CTM360 is a unified external security platform offering 24x7x365 Cyber Threat Management for detecting and responding to cyber threats.

Armis

Armis

Armis offers the markets leading asset intelligence platform designed to address the new threat landscape that connected devices create.

Exeon Analytics

Exeon Analytics

Exeon Analytics is a Swiss cyber security company that is specialized in detecting hidden data breaches and advanced cyber attacks.

Indeed

Indeed

Indeed is a worldwide employment-related search engine for job listings covering job types in all industries, including cybersecurity.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

Authomize

Authomize

Authomize aggregates identities and authorization mechanisms from any applications around your hybrid environment into one unified platform so you can easily and rapidly manage and secure all users.

Kriptos

Kriptos

Kriptos helps businesses improve their cybersecurity, risk, and compliance strategies by locating critical information through a technology that automatically classifies and labels documents using AI.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Venticento

Venticento

Venticento is an IT company specialized in consulting and network support and assistance for companies that need to make their business processes more effective.