One of the most famous insurance companies in the world, known for covering things as varied and unique as invaluable works of art, satellites floating in space, and the body parts of celebrities, is now venturing into an entirely new area of risk management. U.K.-based insurer Lloyd’s is now issuing coverage designed to protect companies against cybercrime and hacking. This indicates that cybercrime is now one of the biggest risks companies face, and that serious steps must be taken to mitigate it.
Cybercrime poses a large risk to a company’s bottom line. According to Inga Beale, CEO of the U.K.-based Lloyd’s, businesses lose approximately $400 billion per year to cyberattacks. Cyberattacks are also increasing in both frequency and sophistication, and they affect every type of business in every area. Experts predict that the threat will continue to worsen over the coming years, representing huge losses for affected companies. This steadily increasing risk is paving the way for the kind of “hack coverage” Lloyd’s is now offering.
On the whole, the insurance industry acquired $2.5 billion in premiums from policies related specifically to hacking. According to Beale, however, the hack coverage companies have purchased most likely covers just a small percentage of what firms are actually losing to data breaches, especially considering that cyber insurance is often bought by companies that already have a fairly sound cybersecurity plan in place. Most cyber insurance is also bought by U.S. companies, revealing that in many areas of the world, businesses are still going uninsured against this particular growing risk. The fact that cybercrime is also highly publicized is also driving demand for hack insurance, with Lloyd’s experiencing increased demand for policies every time a new attack occurs.
This represents a shift in the risk management landscape, as well as a change in the insurance industry. Lloyd’s itself built its name insuring tangible objects such as jewelry, artwork, and ocean liners. However, now businesses must seek to protect themselves against something they cannot see or touch, and insurance is needed to prevent against such intangible losses as reputational damage, contract breach, or loss of intellectual property, all of which can result when a cybercriminal breaches a company’s defenses.
The growing popularity of hack coverage also points toward a general lack of preparation against malicious attacks and a lack of knowledge for how to prevent and deal with them. While an insurance policy to help minimize losses and repair damages in case an attack occurs is probably a good idea, it’s better to take steps to prevent a breach from occurring in the first place. The right network monitoring and security tools, for example, can help companies be better prepared to identify potential attacks and fend them off before they compromise valuable data. Technology that yields insights and long-term analysis for businesses can help them be better prepared, so even though they may have “hack coverage” at the ready, they hopefully will never need to use it.