Thursday, August 15, 2013
Weighing up the cost of risk against the cost of coverage seems to be the perpetual dilemma of some insurance buyers.
In the case of cyber insurance, it would appear that concerns about the cost of coverage diminish once companies make the decision to purchase a policy. And the longer that policy has been held, the greater the satisfaction.
According to a recently released Ponemon study, only 31 percent of risk management professionals at companies surveyed say they have a cyber security insurance policy. However, among those companies that donâ€™t have a policy, 57 percent say they plan to purchase one in future.
Companies with no plans to purchase this coverage (43 percent of respondents) say that itâ€™s because of cost and too many exclusions, restrictions and uninsurable risks.
Yet among those who do buy cyber insurance, 62 percent believe the premiums are fair given the nature of the risk.
Satisfaction with policies also runs high. Some 44 percent of survey respondents say they would be extremely likely to recommend their insurance provider to a colleague or friend.
Furthermore, most companies (62 percent) believe the insurance has made them better prepared to deal with security threats.
So how do cyber security risks compare to other insurable risks? Some 41 percent of respondents believe cyber security risks are greater than other insurable business risks such as natural disasters, business interruption and fires.
Ponemon notes that the average financial impact to companies for one or more security or data breach incidents is $9.4 million, while the average cost for each lost or stolen record was $188 in 2012.
As the study says, a cyber insurance policy can be one way for companies to protect themselves against future losses.
CFO Journal has more on this story.
Check out the I.I.I. paper Cyber Risks â€“ The Growing Threat.