Cyber insurance is clearly a good idea, considering the rapid growth of technology and daily malware releases. June isn’t even over and already 6.46 million new pieces of malware appeared this month, as per AV-Test. But simply because a company chooses to protect its assets in case of a breach, it doesn’t mean it will never fall victim to an attack. In today’s threat landscape, cyberattacks are inevitable. It’s no longer a matter of “if,” but of “when” the next attack will strike to encrypt valuable data or shut down a critical infrastructure.
Risks can come not only from external threats. Internal threats, such as negligent staff members, are also a significant risk, so it’s wise to have a risk management plan and invest in cyber risk insurance to at least be covered financially. Coverage has to include both affirmative and silent cyber risks - as were the WannaCry and Petya/NotPetya cyberattacks that had critical consequences.
According to PwC, in 2005 enterprises large and small took the first steps toward purchasing cyber risk insurance. Cyber risks continuously change, boosting interest in risk management and insurance. The company foresees “that annual gross written premiums are set to grow from around $2.5 billion today to reach $7.5 billion by the end of the decade.”
There are probably not many companies left that don’t handle their business anywhere other than online. Email is, obviously, the key to all communication and operations. A large-scale service shutdown through a targeted attack on an email service could be catastrophic for businesses across all sectors. For example, a resilient cyber attack on Google, Microsoft or Rackspace - the three top email service providers - would disrupt business operations and cause significant financial damage. If all businesses in the UK had no email service for three days straight, the estimated economic loss would be $44 billion, while the economic impact (the “Ground up” loss) would be close to $4.9 billion, says a report from KOVRR.
“The constantly growing and evolving nature of cyber risk now affects all lines of insurance,” said Yakir Golan, Kovrr CEO. “This report illustrates how a cyber-catastrophe could cause similarly sized losses to the 2007 UK property flood losses, which cost $4.8 billion. Insurance and reinsurance companies ought to act now to make sure they are properly managing their cyber exposures before a cyber-catastrophe happens.”