Will Cyber Insurance Providers Reward Good Security?

2_454x340.jpg

Last week the chief of Lloyds of London claimed that his business had seen a 50% increase in demand for cyber insurance products in the first quarter of 2015. The UK government working in partnership with insurance broker Marsh in Marsh has highlighted that around 98% of large UK companies have no form of insurance against a data breach or cyber-attack.
There are three key factors that will drive demand for cyber insurance products in the immediate future:
    1. Data breaches are on the rise and more damaging than ever.
    2. Government is backing the UK cyber insurance industry to become a world leader.
    3. There are sweeping privacy reforms underway in the EU.

So what does cyber insurance actually get you? In an article for legal news site Out-Law cyber liability specialist Ian Birdsey of Pinsent Masons explained, “There is a financial indemnity up to potentially significant levels of indemnity or cover in the region of hundreds of millions of pounds; and access to an expert panel of vendors often at preferential rates in the event of a data breach.” He added, “The underwriting process is also likely to focus on various key aspects of risk management.”
That means you can expect to be able to claim for the financial impact of a breach, which seems like a good safety net. But it’s the underwriting process that raises concerns: What are these “key aspects” of risk management? Would a business judged to be less risky qualify for a lower premium?
 
It’s the second question that is of greatest interest to any IT security professional is, who is looking to do the best job for the business they work in. To take car insurance as an example, customers who use a “dashcam” in their cars recording all of their journeys receive a substantial discount on their premiums. The same should surely applies to those organisations whom have made significant investments to reduce their risk of being the victim of an insider attack, malware or hack?
If you’re now considering cyber insurance to help you respond in the event of a breach be sure to challenge that provider to be clear about the steps you can take with your policies or technology to keep your premium down.
Wallix: http://bit.ly/1OLHDdW

« Hacked. Or, How to Become a Four-Star General
How To Hack a Military Drone »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Tendo Solutions

Tendo Solutions

Tendo Solutions provides intelligence, security, forensics and risk solutions to clients across different sectors and jurisdictions.

FinalCode

FinalCode

FinalCode offers a file encryption and file-based enterprise digital rights management (eDRM) platform.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

Cyber Security Agency of Singapore (CSA)

Cyber Security Agency of Singapore (CSA)

The CSA is the national agency overseeing cybersecurity strategy, operation, education, outreach, and ecosystem development.

SEC Consult

SEC Consult

SEC Consult is a leading European consultancy for application security services and information security.

Sysmosoft

Sysmosoft

Sysmosoft specializes in providing highly secured telecommunication solutions for mobile devices for companies requiring protected access to sensitive data remotely.

HorizonIQ

HorizonIQ

HorizonIQ (formerly Internap Corp / INAP) maximizes efficiency and innovation with flexible infrastructure solutions.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

Gradcracker

Gradcracker

Gradcracker is THE careers website for Science, Technology (including Cybersecurity), Engineering and Maths university students in the UK.

Pioneer Search

Pioneer Search

Pioneer Search is a UK based Technology & Change, Electronics Engineering, Cyber Security & Cloud and Data & Analytics Employment Agency.

Pivot Point Security

Pivot Point Security

Pivot Point Security is a trusted leader in information security consulting. We help clients master their information security management systems.

Reflectiz

Reflectiz

Reflectiz empowers digital businesses to make all web applications safer by non-intrusively mitigating any website risks without a single line of code.

r00tz Asylum

r00tz Asylum

r00tz Asylum is a nonprofit dedicated to teaching kids around the world how to love being white-hat hackers.

ServerScan

ServerScan

ServerScan specializes in providing server scanning & compliance services to organizations of all types and sizes.

Closed Door Security

Closed Door Security

Closed Door Security is the only cybersecurity team in the north of Scotland offering everything from IASME Certification to CREST-Accredited penetration testing.