Computer Security Technology Ltd

+44 (0)20 7621 7836

April 29, 2015

How important is cyber-insurance for businesses?

In recent years, heads of business have grown increasingly concerned by the high number of data breaches that are hitting the headlines. But now cyber-insurance policies offer a new form of protection to help businesses mitigate the risk.

Ask any business owner and they’ll tell you that data breaches seem to be occurring a little too frequently for their liking these days. It has become normal to see stories of the world’s largest companies finding themselves under attack on the front page of your daily newspaper, so it’s easy to see why many IT bosses – and their CEOs – may be feeling a little edgy at present.

It seems logical that organisations should want to do everything possible to avoid falling victim to damaging attacks. But in the face of modern hacking techniques, and despite the best efforts of your security solutions, maybe your next cyber-attack should really be treated as inevitable. What’s needed, then, is a contingency plan.

A new type of protection

Most businesses have insurance policies in place to help with recovery efforts should they be hit with floods, fires or any other survival-threatening disaster. It’s clear that this list of potential catastrophes should also now include data breaches, and an increasing number of companies are acting accordingly by securing specialist cover.

According to Gartner, more than a quarter (25 – 35 per cent) of all businesses now have some kind of cyber-insurance policy in place, with the global market worth an estimated $1.7 billion every year.


Unsurprisingly, adoption rates are highest among financial services companies, with those in the telecoms and healthcare sectors – where customer data is particularly sensitive – also quick to get involved.

Is it worth it?

The simple answer is a resounding ‘yes’, especially for those governed by hack-related legislation. In the US, for instance, businesses in all but three states must take security breach notification laws into account when dealing with data. What this means is they’re required to inform customers should they be attacked.

This would come at a cost anywhere in the world, but in a country with such a litigious culture, the financial impact can be severe. Data from the Ponemon Institute suggests the average price of dealing with a major breach was a cool $3.5 million in 2014 – up 15 per cent for the year.

At present, the same isn’t quite true in the UK, but this is likely to change over the next couple of years. The European Union is expected to introduce notification laws of its own as part of an upcoming data protection legislation overhaul.

Are you comfortable with your current level of protection against cyber-attacks? To talk about security solutions that enhance your productivity and protect your business, please call us on the numbers above.