The biggest challenge in selling cyber insurance is educating businesses about the need for cyber coverage, according to a new survey.
The survey of insurance professionals found that among carriers offering cyber insurance, 40 percent say businesses don’t think they need cyber coverage and 29 percent believe they’re already covered under existing policies.
Only 12 percent say the biggest challenge is that premiums are too high.
The survey, conducted by Hanover Research and sponsored by Verisk’s ISO, comes at a time when the cyber insurance market continues to grow. Most insurers surveyed said they are expecting to sell five percent or more coverage next year.
In a report released in April, insurance broker Marsh said demand for cyber insurance rose by 21 percent across all industries in 2013 compared to 2012, and early indications in 2014 were that the buying trend was accelerating.
“Even though data breaches are in the news every week, many companies still don’t recognize that cyber attacks are serious, and that the costs associated with responding to one can be significant and generally not covered under current commercial insurance policies,” said Shawn Dougherty, assistant vice president of Specialty Commercial Lines at ISO. “That’s why insurers and brokers are working hard to educate businesses and make it easy for them to add cyber coverage to their existing insurance portfolio.”
The average cost of a corporate data breach increased 15 percent in the last year to $3.5 million, according to a study by the Ponemon Institute out of Michigan that was released in May. The study also found that the cost incurred for each lost or stolen record containing sensitive and confidential information increased more than nine percent to a consolidated average of $145.
After its massive breach last year, giant retailer Target said of the $61 million in expenses related to the breach during the fourth quarter, $44 million was covered by insurance.
The Hanover Research/ISO survey also revealed additional findings about insurance carriers that offer cyber insurance:
- No dedicated staff: 51 percent have no dedicated cyber insurance underwriters and rely on staff from other lines to sell cyber policies.
- Optional endorsements popular: 92 percent offer optional cyber endorsements to existing insurance policies.
- Risk profile and approach most important in underwriting: Almost half consider the nature of the company’s data and its enterprise risk management philosophy to be more important when underwriting cyber risk than whether a company employs security tests and audits, firewalls, and encryption.
- Cyber extortion coverage less common: Only 18 percent offer coverage for cyber extortion, while 79 percent offer coverage for data breach expenses. Hospitals considered less hazardous to insure: More than 70 percent say credit card payment processors, banks and financial services, and national retail chains are the most hazardous to insure, while only 14 percent say hospitals and healthcare systems are the most hazardous.
- Company Data Breach Now Costs $3.5M on Average: Ponemon Study
- Insurers in Dash for Expertise to Master Cyber Risk Insurance
- Advisen: Historians May See 2013 as ‘Cyber Tipping-Point’
- Concerns Over Cyber Security Risks Outweigh Traditional Risks for Large Firms
- Cyber Coverage Demand Increased in 2013, Trend to Continue in 2014: Marsh
- Lloyd’s CEO Expects Cyber Insurance Surge
- N.Y. Court: Zurich Not Obligated to Defend Sony Units in Data Breach Litigation
- Ex-U.S. Security Chief Ridge, Guy Carpenter, Lloyd’s Launch Cyber Policy
- Starr Launches Cyber Security & Privacy Risk Response on a Primary Basis
- AIG Expands Cyber Coverage to Include Physical Risks from Cyber Events