UK companies appear to be forging ahead globally when it comes to take-up of cyber insurance, although relatively few have full coverage, according to a new report from Ovum.
Predictive analytics firm FICO commissioned the industry analyst to poll 500 senior executives, mainly from IT, across 11 countries: the UK, US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa.
It found that 90% of UK firms have some form of insurance in place to mitigate the risk of cyber-threats, compared to an average of 76% in all countries surveyed.
Telecoms firms (17%) were most likely to have no insurance, compared to just 5% of financial services firms.
The figures overall are significantly better than last year’s findings, which revealed that just 69% of UK firms reported having cybersecurity insurance.
However, there’s clearly some way to go for the industry: just 38% of UK organizations claimed to have cybersecurity insurance covering all risks.
“Although UK organizations perform well in terms of the uptake of cyber insurance, the fact that fewer than 40% have comprehensive insurance demonstrates there is still some way to go for these firms to have a broad view of their security posture and how to present it for insurance,” said Maxine Holt, research director at Ovum.
“It could also show that these companies have a current security posture that insurers are not prepared to cover comprehensively. We should not detract from the positive news here; 90% of UK organizations have elevated the importance of cybersecurity to a level that requires insuring, even if only partially.”
Cyber insurance is widely regarded as a positive trend for the industry as long as it’s not regarded as a silver bullet. As most policies first require a baseline level of good security practice, it’s thought that the expansion of coverage will drive improvements in this area.