Skip to main content
close search
site logo
Dive Brief

With expansive security risks targeting businesses, companies pay premium for tailored cyber insurance

Published Feb. 7, 2018
Naomi Eide's headshot
Managing Editor
An illustration of cyber security, showing a padlock over a circuit board.
Getty

Dive Brief:

  • Companies are beginning to purchase more tailored cyber insurance policies in an effort to receive coverage from nuanced cyber risks, such as the potential compromise of personally identifiable information, data loss or physical risks associated with cyberthreats, according to Laura Foggan, partner at Crowell & Moring, speaking Tuesday on a panel in Washington D.C. 
  • Businesses cannot "pigeonehole" policies when looking to receive coverage for a cybersecurity incident, according to Foggan. General liability and property insurance policies, for example, are not tailored to cover a cybersecurity losses. Instead insurers have tailored policies that work to respond to an industry's unique needs, whether that's in manufacturing or retail. Some insurers are even weaving services into policies to ensure customers can adequately respond in the event of cyber incident. 
  • Cyber insurance is a "buyer's market," where a lack of standardized coverage or offerings creates opportunities for businesses and insurers, according to Matt Cullina, CEO of CyberScout, speaking Tuesday at the event. Currently a $3.5 billion market, cyber insurance is expected to grow to $20 billion in the next five years. Though mid-market companies and enterprises are currently the largest buyers, SMBs are also starting to look toward cyber insurance. 

Dive Insight:

What started as a policies intended to just cover data breaches, the cyber insurance market has quickly morphed into an industry behemoth, intended to protect businesses from nuanced and evolving attacks. 

In the past, some businesses have relied on existing insurance policies to cover losses and liabilities. However traditional business insurance policies do not cover the new era of threats companies are facing. For example, corporate kidnap insurance does not provide coverage in the event of a ransomware attack. 

The lack of standardized cyber insurance policies creates an opportunity for the different sectors facing unique threats. A manufacturer may need more defense against industrial threats, such as IoT device compromise. But by comparison, a retailer would seek more coverage to insure against POS compromises.

Increasingly tailored insurance policies can work to protect companies following a cyber event, even assisting with regulator response. And with breach notification laws varying across 48 states, an insurer can help navigate the legaleze and make sure a business is adequately covered. 

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
New Research Reveals AI's Impact on IT's Power, Status, and Pay
From 1E
November 21, 2024
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Graphiant Predicts Transformative Changes in Enterprise Connectivity and Data Assurance for 20…
From Graphiant
November 20, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Editors' picks
Latest in IT Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell