According to the PGI/Harvey Nash 2016 Cyber Security Survey of senior information security professionals only 19% of SMEs have cyber insurance.
The data also showed that only 24% of large firms have cyber insurance and that nearly half of the security professionals surveyed said that they did not expect to purchase any cyber insurance in the future.
With new legislation being drafted by the European Union and other governments, businesses need to start taking the issue of cyber security more seriously. The big effect the new EU directive will have on businesses is that any major service provider or operator of essential services must notify the authorities in case they suffer a cyber-attack that results in the loss of data. The directive also aims to put pressure on companies and organisations to make their cyber security robust enough to resist a cyber-attack. Failure to do so could result in hefty fines.
With just 19% of Small businesses (£50M or less revenue) having cyber insurance the costs of being given fines by governments could be devastating. The reputational loss alone would be significant, but added to that hefty fines a worrying picture is painted. Larger firms (£500M+ revenues) are more likely to survive being fined, but the reputational damage could have significant implications for the future.
With cyber-attacks happening on a daily basis a company’s Board must demand a vigorous approach from their executive team on cyber insurance. You insure against fire and theft, cyber security is no different and a cyber-attack can be just as or more than damaging to a business’s finances than more conventional risks.
As stated in the 2016 Cyber Security Survey; “Boards must demand more effective solutions from insurers that cover notification costs, growing regulatory costs, and costs associated with recovering systems after a cyber breach, even if reputational costs are more difficult to define and cover.”
With cyber threats continuing to grow and as governments become more cyber aware it is likely that the issue of cyber insurance will increase in importance.
Don’t become a target or victim of cybercrime. Seek the advice of the professionals such as those at PGI Cyber.