Lloyds of London has reported a surge in the number of companies seeking cyber insurance in 2015
Cyber Insurance no Substitute for Cyber Security, Warns APMG
17th April 2015
Lloyds of London has reported a surge in the number of companies seeking cyber insurance in 2015, as they look to safeguard themselves against the impact of cyber security breaches. According to the insurer, the market for cyber insurance had experienced a 50 per cent increase in insurance submissions during the first three months of 2015, when compared to the same period in 2014.
Richard Pharro, CEO of APM Group, commented, “The surge in cyber insurance uptake underlines the attention Cyber risk is now getting in the Boardroom and a greater understanding of cyber security issues across British industry. There is an expectation the cyber-insurance market is set to grow significantly throughout 2015 and beyond. In principle, the growth of cyber security insurance is very welcome especially if it grows alongside better corporate risk mitigation strategies, to avoid it offering a false sense of security.
“It’s important to remember that insurance is no cure-all and remedies under a contract may form part of, but should not be considered to be an entire risk mitigation strategy. While cyber insurance may offer the opportunity for those hit by cyber attacks the opportunity to recoup some of their monetary losses, little can be done to repair the reputational damage brought by a data breach, the negative impact on trust and lost Intellectual Property.
“Despite an increasing awareness of cyber and data security issues across British firms, what we are seeing is that this awareness isn’t necessarily being coupled with practical or educational expertise on the subject. Some firms have taken strides towards cyber security but often fail to cover all aspects of the threat. Greater awareness and interest by the Insurance industry should encourage more companies to include cyber security as a key risk and, hopefully, extend this awareness to supply-chain resilience, third party providers, and their own employees.
“The old adage that prevention is better than a cure may be a simplistic way to encapsulate the issue, but it does provide a lens for a firm to consider their Cyber risks. Undoubtedly, security begins with self-education, and by qualifying your company’s current capabilities and resilience to protect against cyber-risks. The first port of call for any cyber-aware firm needs to be a strict and dynamic cyber security strategy and this strategy should be underpinned by appropriate insurance,” Pharro concluded.
