It seems that not a day goes by without another “cyber-attack” being reported in the news headlines.
System hacking, denial of service attacks, malware or ransomware attacks, phishing scams, social engineering, CEO and Friday frauds – the list goes on and on!
TalkTalk, Sony’s Playstation Network, Amazon, Vodaphone, Yahoo and NatWest (to name but a few!) have all publicly reported in the past that they have fallen victim to some form of breach or attack.
In May 2017, there was the well-publicised WannaCry ransomware attack which systematically infected the computer systems of several organisations worldwide (including a number of NHS trusts in the UK), targeting computers running the Microsoft Windows operating system, encrypting data and demanding “Bitcoin” ransom payments whilst causing widespread disruption.
All high-profile organisations, but attacks are not limited to “blue-chip” or multinational companies – it is widely reported that businesses are now more likely to suffer a cyber-attack than a fire or a flood, yet they continue to take the threat less seriously?
The truth is that any company who communicate, transact business, or are heavily reliant upon using a computer based system, or the internet, for critical business functions, are at risk; yet many do not purchase any or adequate insurance protections to cater for the aftermath of such incidents.
What are the risks? Losses can be largely broken down into 3 categories as follows:
- Own losses
- Third Party Claims
- Actions by a Regulator
A single event could lead to a loss under each of the above 3 areas, and whilst there may be potential overlaps in cover with traditional Professional Indemnity, Management Liability, Crime and Computer cover, in many cases incidental cover provided by these classes of business will be inferior to a stand-alone cyber insurance product.
Whilst the insurance market for cyber is still in its infancy in relative terms, the subject of cyber is definitely a “Hot Topic”, and one that appears is here to stay. It is therefore just as important that brokers are discussing this emerging risk in addition to the more “traditional” covers when undertaking a review with their clients.
A Webinar on the subject of “Cyber Insurance” will be available to all group brokers in Q2 2018.