SC Media: SC Media asks the industry: Is cyber attack insurance worth it?

July 13, 2017 — SC Media asks the industry: Is cyber attack insurance worth it?

UK financial services body the Prudential Regulation Authority (PRA) has issued a warning to insurers regarding the risk of claims for damages arising from cyber-attacks on their customers. NuData comments.

The PRA recommendations include the carrying out of stress testing of their capability to respond to a large number of claims at once – no doubt inspired by the recent WannaCry and notPetya attacks.
Following a year-long consultation, the PRA has set out what it expects from insurers that underwrite cyber-related losses. This includes introducing measures to reduce “unintended exposure to risk” such as raising premiums and having robust exclusions as well as specific limits for the cover offered.

This got us here at SC Media UK wondering whether cyber insurance policies are weighted too much in favour of the insurer rather than the insured, and just what the security industry makes of it all? Not least, whether cyber insurance adds value to the security equation or devalues it.

Robert Capps, vice president at NuData Security agrees, adding: “Security posture can actually improve in the face of an in-force cyber liability policy, as underwriting guidelines and policy pricing is directly impacted by a company’s cyber-security posture, and actual exposures regarding data on file.”

For the complete article, go here.