Kiln, Lockton Team Up to Offer Cyber Coverage to UK Retailers

Lloyd’s insurer Kiln and international broker Lockton have teamed up to offer cyber insurance to small- and medium-sized online retailers. “The security and privacy cover is being made available to members of the e-retailers association Interactive Media in Retail Group (IMRG),” notes an article on the Lloyd’s web site.

The cyber cover is included in IMRG associate membership and costs as little as £1 [app. $1.63] per day. The policy offers protection from malicious hacking attacks, privacy breaches and loss of revenue from system down time.

Lloyd’s notes that the “deal follows the recent high profile cyber attacks on retailers caught up in the fallout from Wikileaks online publication of US government secrets. The Wikileaks saga illustrates the risk an organization runs of losing sensitive data through a malicious insider, but it also demonstrates how retailers are at risk from politically motivated hackers that can bring down websites and disrupt their businesses.

“Visa, MasterCard and PayPal were all hit by denial-of-service attacks after they withdrew their support for the controversial website, threatening to disrupt payments during the busy Christmas shopping season. Online seller Amazon was also hit by attacks for removing Wikileaks information from its servers.

“Hardly a month goes by without reports of a major retailer, financial services company or public sector organization suffering a malicious attack or loss of personal data. In 2007, TK Maxx suffered one of the largest data breaches ever when the details of 45.6 million payment cards were stolen from the company’s servers. The cost of dealing with the theft was believed to have run close to $200 million.

“More recently, online customers of UK natural cosmetic company Lush had their credit card and personal details compromised after a hacking attack on the firm’s website in January.”

The prevalence and increasingly costly nature of these cyber attacks have enhanced the “important role insurance can play in providing peace of mind to online retailers and their customers,” Lloyd’s said. “The UK’s Trading Standards Institute (TSI) welcomed the ‘necessary’ introduction of insurance to the online retail industry by IMRG.”

Ron Gainsford, Chief Executive at the TSI stated: “It is crucial for the continued development of the online market that smaller businesses receive the support and protection they need, allowing consumers to shop with greater confidence on their sites safe in the knowledge that a safety net exists should the business be threatened by circumstances beyond their control.”

Lockton’s Tom Draper pointed out that some of the most damaging losses for online retailers are from data breaches that involve personal information held by third parties such as credit card companies and website hosts. “A website going down for a day will cost retailers in lost revenues, but loss of personal data through a malicious attack or through an employee mislaying a laptop can be even more damaging for a company’s reputation and will have costly consequences,” he explained.

Lloyd’s added that in addition to the threats from cyber attacks, “online retailers are also increasingly exposed to fines from the Information Commissioners Office – which issued its first fines for data breaches in November, including a £60,000 [$97,680] fine for an employment services company for the loss of an unencrypted laptop that contained personal information relating to 24,000 people.”

Malcolm Randles, underwriter at Kiln, noted that there is an increasing awareness of cyber risk, and insurance to cover it has been increasing in the UK as brokers like Lockton have been educating online companies and as the risk has grown more prevalent. Specialist insurance for cyber risks is now more widely purchased as the price has come down and as the cover has become more tangible, he added.

Source: Lloyd’s of London.

Topics Cyber Excess Surplus Lloyd's Lockton