Cybersecurity insurance finally appears to be coming of age in the UK after Lloyd’s of London reported a 50% year-on-year increase in submissions during the first quarter.
The news from Lloyd’s, one of the world’s largest insurance marketplaces, will provide a hefty PR boost for a fast-growing industry which appears to be expanding on the back of a series of high profile data breach incidents last year.
These include a destructive cyber-attack on Sony Pictures Entertainment which led to the leaking of sensitive data and the deletion of key files, and the audacious $1bn virtual bank heist carried out by hackers using the Carbanak malware.
“In general terms, we're continuing to see new customers purchasing cyber insurance and existing customers purchasing higher limits following recent high profile attacks,” Lloyd’s cyber underwriting manager Geoff White told The Telegraph.
“In terms of our customers, approximately 70% are first time purchasers. We're also seeing customers in those sectors which were affected last year – and in particular in the retail sector – looking to buy higher limits.”
The view from White, who works at Lloyd’s syndicate Barbican, is somewhat different to Stephen Catlin – head of Lloyd’s largest insurer the Catlin Group.
He told the Insurance Insider London conference in February that cybersecurity represents the “biggest, most systemic risk” he has ever encountered and liabilities are simply too big for insurers to cover.
As such, governments need to establish insurance plans to cover major events, he said, according to the FT.
However, it’s unlikely that such calls will deter a growing number of businesses keen to cover themselves financially by taking out cyber insurance.
Citing a new report by Trend Micro and the OAS, AEGIS London this week predicted a greater volume of destructive cyber-attacks will occur this year.
“This trend is going to continue, with affected businesses squeezed between a shrinking top-line due to reputational harm and rising costs to get back on their feet,” said AEGIS cybersecurity specialist, Joe Hancock.
“In 2015 we fully expect a business to fail due to the financial consequences of a cyber attack.”
Greg Day, EMEA CTO at FireEye, argued that businesses have historically looked at risk too much in the near term.
“However, more and more, we’re seeing breaches have longer term implications and the growth of cyber insurance is going to allow much better qualification of short and long term financial impacts that will eventually lead to actuarial tables of risk and costs,” he added.