Home | Print Page | Contact Us | Sign In | Register
Weekly Industry News
Blog Home All Blogs
PIA Western Alliance knows you want to be the best in the field, and the best way to stay on top is to stay informed. PIA Weekly Industry News Brief is an informative e-news brief that delivers the most relevant industry content.

 

Search all posts for:   

 

Top tags: Insurance Content  Weekly Industry News  Insurance Industry  Insurance News  Around the PIA Western Alliance States  ObamaCare  The Affordable Care Act  Healthcare  HealthCare.gov  Cyber Security  Cyber Breach  PIA Western Alliance  Cyber Insurance  Employment  jobs  flood insurance  wildfires  AIG  work  Millennials  Flood  Employees  PIA  business  Millennials & Insurance  Pia National  Taxes  Insurance  MetLife  E&O 

Introducing Cyber 101 Classes: Learn about the 7 most common cyber risks

Posted By staff reporter, Tuesday, February 12, 2019

Cyber classes from PIA National

Cyber 101 is the newest educational resource created by PIA and The PIA Partnership to help educate PIA members and their clients about the seven most common cyber risks.

 

Learn about

Fraudulent funds transfer

Extortion/ransomware

Social engineering

Business interruption

Data breach/privacy

Network security

Website media liability


 

Q:  Do I have to be a PIA member to participate in the Cyber 101 courses?

A:  Yes.  However, you can also be a Non-PIA members appointed by Partnership companies. 

To learn which companies are Partnership companies, visit our partner page.

 

Q: What's in it for you?

A:  Become a subject matter expert on Cyber coverage. Producers and CSRs using the Cyber 101 resources will become confident in their abilities to thoughtfully talk about cyber risks and coverage.

 

Q:  How often are Cyber 101 webinars?

A:  Each month, Cyber 101 will introduce new resources on one of these topics:

  • fraudulent funds transfer
  • extortion/ransomware
  • social engineering
  • business interruption
  • data breach/privacy
  • network security .
  • website media liability

 

These topic-specific resources will include:

  1.  interactive claims examples
  2. 1-page PDFs explaining the risk
  3. 30-minute webinars

 

PIA agents can also personalize and provide their clients with general cyber educational resources. All webinars will be recorded and made available on the Cyber 101 website

 

Q:  How do I access Cyber 101? 

 

  • PIA Members

Login here to access Cyber 101

 

  • PIA Non-PIA members

Click here to access Cyber 101

 

  • Other agents

Click here to become a PIA member

 

 

 

Helpful Downloads

Download me!

Download me!


For additional information about The PIA Partnership

 www.ThePIAPartnership.com.

Tags:  cyber 101  cyber education  Cyber risks  cyber security 

Share |
PermalinkComments (0)
 

Cyber Attacks — Consumers Want More from Insurance

Posted By staff reporter, Tuesday, February 12, 2019

Consumers want more insurance help with their cyber woes, and potential cyber woes. The why is easy. From automobiles to interconnected homes, just about every aspect of people’s lives are impacted by technology, and that technology is a sieve and easy for hackers to access.

Take automobiles for example. Asaf Ashkenazi of the software company Inside Secure said hackers can use connectivity to access private information and can even use it to steal the car. “The worst-case scenario is that they can completely take over and control anything in your car, from the brakes to the steering wheel,” he said. “The scariest scenario is that you're driving and they make your car crash.”

Then there’s the loss of personal records. The Identity Theft Resource Center’s 2018 End of Year Data Breach Report said 447 million consumers had their personal records compromised last year. That is a 126% increase from 2017.

What’s ironic is the total number of data breaches in 2018 fell by 23%.

Paul Robinson of GreyCastle Security said, “It’s very difficult now to avoid these attacks, even if you're taking the precautionary measures, such as managing your bank account and things of that nature. Now please do that, don't neglect watching your accounts and keeping an eye on your medical records, but the horse has left the barn per se.”

Assurant’s new study, The Connected Now says the connected lifestyle isn’t connecting with everybody. This is where insurance might be helpful. More on that in a bit.

The risk management firm said like it or not, nearly 40% of consumers identify themselves as technophobes. They own an average of 1.3 connected products. These range from smartphones and computers to equipment to manage things in the home.

Those same people — or 78% of them — worry about ID theft and the compromising of their personal information. They point that worried finger at interconnectivity — connectivity they are not that happy with.

Yet, 69% do admit this technology makes their lives easier. 

This is where insurance has an opportunity to shine. Parks Associates — an Internet of Things marketing and consulting company — said its research finds that 40% to 50% of households with access to broadband Internet want additional insurance services.

Parks Associates said this applies to those who own their homes and those renting.

Of those interested, 35% want insurance services that are proactive and that communicate the potential risk of the smart devices in their homes. They want to be updated and warned ahead of time.

Parks Associates spokesman Brad Russell said the insurance they want will take care of the restoration of those services and repair their home after the damage occurs.

“A restoration service that repairs damage is the most appealing service among insured households, but there is strong interest in proactive services, which would be enabled by smart home devices and AI capabilities to detect and prevent risk situations,” he said.

And he noted that advances in technology now let the insured and the insurer connect and interact more easily than ever. “Connected devices are reshaping the way consumers think about many traditional services and how they interact with their service providers,” he added. “These trends in consumer expectations, combined with the wealth of data derived from IoT solutions, are opening significant market opportunities for the insurance industry.”

 

Source links: PropertyCasualty360.com, USA Today, WHEC-TV, Insurance Business America

Tags:  cyber breach  Cyber Security  insurance content  insurance news 

Share |
PermalinkComments (0)
 

Special Report: The Cyber Security Challenge

Posted By Staff reporter, Tuesday, February 5, 2019

A new report from Accenture is frightening. Another one from the Defense Department and the Pentagon is even more frightening than Accenture’s.

The Accenture report is titled Securing the Digital Economy: Reinventing the Internet for Trust. It found 75% of the CEOs think the only solution to the cyber challenges faced by all of us is cross-industry coordination.

Worse, Accenture believes in the next five-years companies worldwide will lose $5.2 trillion from cyber attacks.

  The highest risk is the high-tech industry with $753 billion at stake

  Life sciences has $642 billion at risk

  The automotive industry has $505 billion

“Internet security is lagging behind the sophistication of cybercriminals and is leading to an erosion of trust in the digital economy,” company spokesman Omar Abbosh said. “Strengthening internet security requires decisive — and, at times, unconventional — leadership by CEOs, not just CISOs.

To become a cyber-resilient enterprise, companies need to start by bringing CISOs’ expertise to the board, ensuring security is built-in from the initial design stage and that all business managers are held responsible for security and data privacy.”

 

Here’s more from the report:

 •  79% say the advancement of the digital economy will be stall or slow down if dramatic improvement in internet security is not made

  59% say the internet is growing increasingly unstable

  That same 59% say they are not sure how to respond to that instability

  56% say they would welcome stricter business regulations to fix the problem

 

 PIA Members can take Cyber 101 Webinars no charge

PIA Western Alliance Members can take our Cyber 101 Webinar Classes at no charge!

Click the banner to sign up, today!

In the U.S. the Defense Department — via spokesman Robert Behler — said it cannot adequately defend itself against cyber attacks. The Government Accountability Office (GAO) agrees. Spokeswoman Cristina Chaplain said the military has not been able to secure weapons systems that cost billions to build.

“DOD testers routinely found mission-critical vulnerabilities in systems under development, and in some cases, repeatedly over the years,” she said.

One of the problems with cyber security is the lack of cyber experts to do battle with the bad guys. In the U.S. between September of 2017 and August of 2018, there were 314,000 job postings. Even though most earn something like $95,000 a year on average, job openings stay open.

The National Initiative for Cyber Security Education says if all were filled that would pump up the number of pros battling cyber criminals by 40%. That’s a workforce of 714,000.

Worldwide, (ISC)2 says there are close to three million cyber security jobs open.

In addition to not being able to find experts, current polling says that 43% of organizations around the world fail to adequately do security training.

Worse, universities — 85% of them — have cyber security graduate or undergraduate degrees. However, their more diversified and attractive computer science programs do not offer even one cybersecurity course.

Business and government are continuing to explore options. One idea is a Cybersecurity Peace Corps. The proposal is the same idea as the original Peace Corps and will develop and train people to do cybersecurity jobs. It will require an act of Congress to establish.

Meanwhile, community colleges are now offering boot camps — of sorts — to train people in key skills. 

Whether all this training comes fast enough to avoid the trillions that will be lost in the future to cyber criminals is anybody’s guess. What we all can — however — agree upon is that there is a definite need for action.

 

Source link: Insurance Business America, PropertyCasualty360.com, Tech Crunch

Tags:  cyber breach  Cyber Insurance  Cyber security 

Share |
PermalinkComments (0)
 

Cyber Scams — Americans Lose $18 Billion in 2018

Posted By staff reporter, Tuesday, January 15, 2019

 

Scam artists used a variety of sophisticated schemes to separate Americans from their money in 2018. Those schemes resulted in the loss of a whopping $18 billion to consumers and individuals in the U.S. last year.

That information comes courtesy of Website Builder Expert (WBE). It is a website building and launching platform. WBE came to its conclusions from data produced by the FBI’s Internet Crime Report and from the Insurance Information Institute (I.I.I.).

WBE — as well as most of us — finds the the $18 billion lost shocking. It’s even more shocking when you consider the billions spent each year to combat cybercrime and make websites and other Internet sources safe.

Apparently — and obviously — those measures are not working all that well.

WBE used the statistics from the two reports that show individual complaints to determine which states are most vulnerable and which are the safest. Two PIA Western Alliance states — California and Washington — are on the list of the most vulnerable.

Vermont is the safest. California the least.

 

Here are the stats for the two PIA Western Alliance states in the top-15:

 

1. California

  2018 complaints — 55,774

  Average growth per year in reported crimes — +515

  Average cost per incident — $5,900

 

15. Washington

  2018 complaints — 9,011

  Average growth per year in reported cybercrime — +351

  Average cost per reported incident — $3,572

 

Ironically, WBE says California — unfortunately — will likely have more cyber complaints in 2019 than the bottom 27 states

 

Here’s the list of the 15 most vulnerable states:

1. California

2. Florida

3. Texas

4. Michigan

5. New York

6. Illinois

7. Pennsylvania

8. Georgia

9. Ohio

10. New Jersey

11. North Carolina

12. Virginia

13. Missouri

14. Maryland

15. Washington

The cybersecurity firm McAfee released a report late last year that says cybercriminals are putting out 480 new threats per minute. That frightening statistic comes from

McAfee Labs Threats Report: December 2018.

McAfee’s lead scientist Christiaan Beek said malware attacks were up 73% in the third quarter of 2018.

“Cybercriminals are eager to weaponize vulnerabilities both new and old, and the number of services now available on underground markets has dramatically increased their effectiveness,” he said. “As long as ransoms are paid and relatively easy attacks, such as phishing campaigns, are successful, bad actors will continue to use these techniques.”

 

Source links: PropertyCasualty360.com, Venture Beat

Tags:  cyber scams  cyber security 

Share |
PermalinkComments (0)
 

Get your Super Cyber Education On! with the PIA

Posted By Staff Reporter, Tuesday, December 18, 2018

 

Myth: Hackers and cyber criminals generally target large businesses because that is where they profit most.

Fact:  62 percent of cyber-attacks target small-and mid-sized businesses

 

PIA Members

Get your Cyber 101 On!

Learn what you need to know to keep your business clients safe in an uncertain world. 

PIA created the Cyber 101 education series to help educate agents and their clients about the most common cyber risks faced by small and mid-sized businesses as well as the business practices and insurance coverages that can reduce those risks.

 

HOW TO ACCESS CYBER 101

 

Non-PIA members appointed by Partnership companies: Click here to access Cyber 101.

 

Other agents: To access Cyber 101, you will need to become a PIA member. Learn more about PIA membership and join today!

Tags:  Cyber 101 classes  Cyber Security  pia western alliance 

Share |
PermalinkComments (0)
 

Cyber Threats — Small Business Still Not Prepared

Posted By Staff Reporter, Monday, November 19, 2018


It’s been a year since the WannaCry ransomware struck. In a four-day period it attacked 300,000 computers, and cost businesses and individuals billions of dollars.

Gad Naveh of Check Point's Threat Intelligence and Research & Development team did some research on what’s happened in the past year. Since then hackers have created offshoots of the ransomware and they are creating more chaos. His research also points out that — in spite of the continuing threat — businesses still aren’t prepared.

  77% of chief information security officers (CISO) say they are not equipped to handle these attacks

  Staffing challenges are a problem

  Security technology conflicting with business operation is another

  Just 3% of businesses have the protection needed to repel an attack

  79% are using security solutions from generations two and three

By the way, Naveh points out that we are now up to generation five — Gen V — of this kind of ransomware. The genesis of ransomware is pre-2000.

He is very critical of nations and businesses and says it’s time for the U.S. and other nations to put an end to this problem. He writes, “It does not really matter who launches an attack or why — countries and global business communities simply need to defend themselves better — because the large-scale, multi-vector nature of these attacks are several generations beyond the average enterprise’s security capabilities.

The reality is we’re spending trillions globally on military defense technologies, but investing only a fraction of that on defending businesses and infrastructure against cyber attacks.”

He suggests going back to the basics to start:

  Segment networks to quarantine attacks

  Segmentation stops them from propagating

  Deploy advanced, real-time threat prevention

  This stops attacks before they get a foothold on a network or networks

  Do this across all environments:

  Networks

  Cloud

  Mobile

He also notes we need to get past petty differences and work together — large businesses and small. “Because cyber attacks have become the modern weapon of choice for crippling critical infrastructure, we must work together as a global cybe security community to not only protect individual organizations but also to create a shared vision around protecting cities, nations, and the citizens within them. Without a concerted, collaborative effort, we can expect nations, communities, and our most trusted companies to continue to be woefully unprotected against the next mega cyber attack,” he said.

Another report comes to similar conclusions. Datto is a cyber security and data backup company. It recently released its third annual Global State of the Channel Ransomware Report.

The report says ransom ware is the leading cyber attack experience by small to medium-sized businesses (SMB). Ransomware tops viruses and spyware as the biggest threat to their firms.

  55% of managed service providers (MSP) said their clients experienced a ransomware attack in the first six-months of this year

  35% said their clients were attacked many times

  Some said they were attacked multiple times during a day

  92% of MSPs predict the number of attacks will continue at this rate or a higher rate

 

In the report, the MSPs said their clients have anti-virus software but it’s not enough.

  85% report ransomware protection is installed

  65% say email and spam filters are installed

  29% say their clients have pop-up blockers

 

All failed to block the ransomware attacks.

As we know, downtime for a small business leads to lost revenue. If the downtime is long enough, a small business can fail. The report says, the downtime and cost of the attack in other areas is 10-times what it costs to pay the ransom.

  The average cost per business is $46,800

  The average ransom is $4,300 per attack

 

James Bergl is is a director at Datto APAC. He said most businesses don’t report these attacks and just one in four get reported to authorities.

By the way, if you’re an Apple user and think you’re safe, Bergl said Apple operating systems are becoming increasingly vulnerable. In the report, five times as many MSPs reported ransomware attacks on the macOS and iOS platforms from last year to this.

He said the worst attacks are happening in Asia.

The report said the best protection against a ransomware attack is employee training. Education and training are highly recommended. And it is suggested that the training be ongoing and in areas where ransomware attacks are must likely to occur:

  Phishing attacks

  Malicious websites

  Web ads

  Clickbait directed toward a business

 

Source links: The Next Web, Security Asia

Tags:  cyber attacks  Cyber security  cyber threats  insurance content 

Share |
PermalinkComments (0)
 

Not Doing Cyber Security Could Violate Federal Law

Posted By Staff Reporter, Tuesday, October 23, 2018


The U.S. Securities and Exchange Commission (SEC) has spoken. It says companies that fail to do proper cyber security for its data could be breaking federal law. The idea of law breaking came about in a report that investigated nine unidentified companies who’ve suffered cyber attacks. It wonders if they had the proper internal accounting protection controls in place.

Those systems are required by law.

The investigation focused on business email compromises. This is a way cyber criminals get access to bank accounts and other information. They pose as company executives and other employees to get information sent to them. Scams like this — says the FBI — have netted these businesses $5 billion in losses since 2013.

Stephanie Avakian is the co-director of the SEC Enforcement Division. She said these scams aren’t that sophisticated. They rely upon human inattention to succeed.

 

“We did not charge the nine companies we investigated, but our report emphasizes that all public companies have obligations to maintain sufficient internal accounting controls and should consider cyber threats when fulfilling those obligations,” she said.

 

The warning from the investigation is clear. Regulators, Congress and consumer groups are watching, and are growing more and more focused on requiring companies to do all they can to keep data secure.

By the way, those regulating regulators ought to also pay attention. On October 4th the Pentagon said the system it uses to maintain travel records was hacked. The Department of Defense said 30,000 records were accessed.

As an FYI, the department says it does not administrate those records. That has been outsourced to a third party contractor. It also says the 30,000 records isn’t all that many when you consider the Department of Defense is the nation’s largest employer.

It has 1.3 million enlisted men and 742,000 civilians work for the department.

Source links: Reuters, Insurance Journal, Forbes

Tags:  cyber security  federal law  insurance content  insurance industry  US securities and exchange commission 

Share |
PermalinkComments (0)
 

News on the Cyber Front — Still Not Pretty

Posted By Joey Leffel, Tuesday, August 28, 2018

 

In a new report, A.M. Best and Guidewire’s Cyence Risk Analytics is worried about cyber insurance and cyber insurers. In a new report, the two companies said three of the top-20 cyber insurance providers could face “meaningful to significant gross losses” from a single-event cyber catastrophe.

In the special report Cyber Insurance Market: Stress Testing the Future, Fred Eslami said when looking at the estimated policyholder surplus in 2022, those losses could hit 15% to 119%.

“For the majority of these companies, even the gross losses do not come close to the natural catastrophe probable maximum loss estimates used for stressing the balance sheet strength of the companies,” he said. “However, under these circumstances, a handful of companies could lose a significant amount of surplus, which potentially could create ratings pressure or even trigger a downgrade.”

The report looks at two scenarios:

  Several cloud-based servers fail and widespread service and business interruptions follow

  A common software application gets compromised leading to a global attack

In another report, Gallagher said healthcare providers are the most vulnerable to hacking attacks. They happen regularly and leave the data of hundreds of thousands of people at the mercy of the cyber hackers.

Bloomberg said the average breach of a healthcare system costs more than $400 per patient. The news organization also found that just 33% of healthcare departments have defenses set up for a breach.

Gallagher’s white paper on the subject said there are six things these organizations can do to improve their security:

  Anti-virus and malware prevention

  Firewalls

  Patching

  Encryption

  PCI DDS compliance

  Employee awareness and training

Gallagher’s Adam Cottini said the first and most important thing these organizations need to do is comply with HIPPA regulations and standards that say individual medical data must be protected.

“The HIPPA regulation has been around for a long while and the healthcare industry is tuned into the privacy requirements. Where the challenge comes is with the advancement of technology and how new technology exacerbates the vulnerabilities in the healthcare space relative to protecting and securing information,” Cottini said.

Once the privacy requirements are in place then cyber security priorities must be addressed. “Cyber security doesn’t seem to rise to the same level of priority as other areas of security, but the statistics clearly show that phishing and social engineering is a major driver of a lot of the cyber events that are happening these days, which is why we believe organizations have to continuously drive down on employee training and awareness,” Cottini noted.

The point of Gallagher’s white paper is to raise awareness.

NAS Insurance agrees with some of Gallagher’s conclusions. In its 2018 Cyber Claims Digest, NAS suggests negligent employees and third-party service providers are a common thread when it comes to cyber attacks upon healthcare providers.

Jeremy Barnett of NAS said the most common form of attack to these organizations from this carelessness is ransomeware. “The methods used for ransomware attacks are becoming more sophisticated. Spam email remains a tried and true method: one in six spam email messages comes bundled with ransomware. However, in 2017, criminals also tended to target specific companies,” he said.

From there things get worse.

“Between 2016 and 2017, there was a 152% increase in ransomware as a cause of loss for healthcare cyber claims,” Barnett noted. “The threat is typically to divulge or destroy information, to insert malicious code into a computer system or to damage, destroy or prevent access to a computer system. The monetary demand varies in both amount and the currency: the demand might seek payment in American dollars, a foreign currency or a cryptocurrency.”

While healthcare providers are lagging behind, data analyst FICO said other industries are catching up and those with cyber insurance rose between 2016 and 2017. From 2017 to 2018 those with no cyber security insurance at all fell from 50% to 24%. However, 32% of the nation’s larger companies have adequate cyber insurance.

Many of those are in healthcare.

FICO VP for cyber security solutions Doug Clare said, “Given the number of large-scale and very public breaches in recent years, it’s not surprising that we’ve seen a big increase in US organizations investing in it over the past 12 months, but there’s still some way to go. As the insurance market matures and the litigation and fines increase we expect more firms will also go beyond basic coverage to seek insurance that is more comprehensive.”

And back to healthcare companies. The FICO survey found 70% of them do not have cybersecurity insurance. Just 10% of financial service firms do not have cyber insurance.

Source links: Insurance Business America — link 1, link 2, link 3, Carrier Management

Tags:  cyber breach  cyber insurance  Cyber Security  PIA Cyber Insurance 

Share |
PermalinkComments (0)
 

Cyber Insurance — A Carrier Perspective

Posted By Administration, Tuesday, July 31, 2018

The headline “Carrier Perspective” has to do more with carrier’s realizing this is a popular and profitable line of insurance. It’s so popular — in fact — that the number of carriers expanding into cyber insurance leaped to 170 in 2017 from 140 in 2016 and 119 in 2015.

Aon — who came up with the figures in its U.S. cyber market update titled 2017 U.S. Cyber Insurance Profits and Performance — said that’s not counting MGAs.

Rapid growth in the market and the high number of new entries hasn’t hurt profitability. The line is very profitable with premiums in 2017 that hit $1.84 billion. That’s a 37% increase over 2016.

Another plus. The loss ratio from cyber insurance fell from 47.6 in 2017 to 32.4.

John Laux heads cyber analytics for Aon Reinsurance Solutions. He said the 98% jump in premiums comes from packaging the product. Premiums for stand-alone cyber insurance rose 8%.

Laux said the trends here are significant — especially for a relatively new product. “Our study reveals that despite several significant and prolific cyber attacks in 2017, industry premium continued to increase and loss ratios continued to decrease,” Laux said and then added, “insurers have the expertise to offer an appropriate product with first-and third-party coverages that firms are willing to buy.”

Also in the report:

  The top-five cyber insurers wrote 51% of the direct written premiums in 2017

  That’s down from 52% in 2016

  The top-10 insurers accounted for 69% of the direct written premiums in 2017

  That’s down from 73% in 2016

  Those new to the cyber market averaged $140,000 in premiums

  Small commercial insureds is where the biggest premium growth is found

  These days cyber criminals favor ransomware over hacking

  Underwriters with $5 million or more in direct written premiums saw loss ratios from zero to 223.7%

  In 2017 — and at 59% — claims against first-party coverage was 2/3 of all claims

  They are 72% of the total package policy claims

  The first-party claims outnumber third-party claims by a long shot

The line of insurance has grown to the point that ACORD has put together a standard for cyber data breach cover. It’s in the development stages and is called the ACORD Cyber Data Breach Standard and was developed with specialist insurer Beazley and insurance broker Aon.

ACORD members have been given the standard for review and feedback. If the reviews and feedback are positive it will be put in the next scheduled release of the ACORD Property & Casualty Standards.

Christian Hoffman who heads the U.S. Cyber Solutions at Aon said, “Connectivity and collaboration across organizations including, but not limited to, information security, legal and risk management is critical. A set of uniform standards is an ideal place to start this transition.”

Source links: Insurance Journal, Carrier Management

Tags:  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Weekly Industry News 

Share |
PermalinkComments (0)
 

Who has Cyber Insurance? Not that Many

Posted By Administration, Tuesday, June 6, 2017

 

A new survey by the research firm Ovum says 50% of U.S. businesses don’t have cyber risk insurance. Just 16% of the 100% have full coverage. The survey was done for the analytics company FICO and it also found 27% of that 50% say their companies have no plans to purchase said insurance.

Ironically — and dangerously — 61% say they expect cyber attacks increase in the next year.

The survey found U.S. companies lag in cyber coverage when compared to Canada and the United Kingdom. The report says 40% of firms report no cyber coverage in those countries.

And why? Mistrust of insurance pricing is what most say.

The survey is wide-ranging. It connected with 350 c-suite executives and senior security officers. They come from sectors like:

  Financial services

  Telecommunications

  Healthcare

  Retail

  E-commerce

  Media service providers

Company sizes:

  30% have 500 to 1,000 employees

  28% have 1,001 to 4,999 employees

  17% have 5,000 to 9,999

  25% have more than 10,000

Bob Shiflet of FICO said the Ovum survey finds U.S. healthcare to be father behind than most when it comes to cyber insuring. None of those surveyed in healthcare have insurance that covers all risks and 74% had no insurance at all. Shiflet said this is troubling but some of that must be laid at the feet of the insurance industry.

“There are steps the insurance industry can take to make guidelines clearer and explain premium adjustments, but companies need to be willing to dedicate the resources required to protect themselves from the breaches they themselves see as likely, if not inevitable,” Shiflet said.

Cost and lack of clarity from the industry is problematic:

  Just 25% of those responding think premiums reflect their risk profile

  Only 23% think the insurance industry is clear and transparent in its approach to pricing

  29% of the executives think insurers need clear guidelines about how premiums are chosen

  28% want clearer communications on why premiums are adjusted when that happens

  23% want insurers to introduce a standard for benchmarking cyber risk

Hiscox did a similar survey that said 55% of U.S. firms have taken out cyber insurance but these businesses are — as with the Ovum survey — confused about what cyber coverage actually entails and what is protected.

For those who don’t have cyber insurance:

  26% do not plan to purchase

  41% said cyber insurance policies are not relevant to their business

  17% say they have no plans to take out insurance — ever — and agreed with this statement: Cyber insurance policies are so complicated — I don’t understand what cyber insurance would cover me for.

Deloitte also did a survey that found buyers just don’t understand cyber risks or options for insurance. And all — the report found — want standardized policies. “Similar cyber insurance products offered by different providers often include alternative features, which makes it difficult for buyers to compare policies by value and price,” the report said.

Deloitte also outlined steps similar to those of Ovum for insurers to take:

  Standardize policy language

  Develop a risk-informed model rather than a definitive predictive model for cyber risks

  employ more targeted underwriting by industry or exposure

  Offer more holistic cyber risk management programs

RAND Corporation did a different report and hit the real nail on the head. Companies — it found — just don’t see cyber insurance as a good investment. The typical cost of a breach according to RAND is $200,000 which means an event will cost a company about 0.4% of annual revenues.

Sasha Romanosky of RAND put it in perspective. “Relative to all the other risks companies face, the cyber risks often aren’t as big a deal as we think. It may be bad for you if you are the victim, but it doesn’t change the behavior or strategy of a company. Like you and me, companies are self-interested and operate in ways that minimize their costs. You can’t begrudge them for working that way,” Romanosky said.

Ponemon seriously disagrees with RAND’s conclusions. It’s report from May of 2014 found the average data breach costs something like $3.5 million for super-sized companies.

 

Source link: Insurance Journal

Tags:  Cyber Breach  Cyber Insurance  Cyber Security  Insurance Content  Insurance Industry  Insurance News  Weekly Industry News  Who has Cyber Insurance? Not that Many 

Share |
PermalinkComments (0)
 
Page 1 of 10
1  |  2  |  3  |  4  |  5  |  6  >   >>   >| 

A special thank you to our KKlub Members for their support.