Computer Attacks Leading To More Cyberinsurance by CIARAN McEVOY

30/07/2014 19:49

Insurers put food on the table by preparing for disasters that most people would rather not think about: fires, hurricanes, earthquakes, car accidents, collapsing buildings. Now they're increasingly writing policies for another worry — cyberattacks.

One of the many changes brought by the Internet revolution is that stealing customer data or a company's proprietary information is easier than ever. One doesn't even need to be on the same continent anymore to commit the theft. And it can be weeks or even months before the damage is even detected.

In response, insurers are selling more cyberpolicies . Coverage may include loss or corruption of business data, lost business activity, legal defense costs, the cost of posting cash rewards to catch cybercriminals, crisis communications management, identity theft and defamation via social media.

While these hazards can be difficult to underwrite, insurers have had years to refine their products.

"It's probably the fastest-growing aspect of the insurance market right now," said Bob Parisi, leader of network security and private practice for insurance broker and risk adviser Marsh USA. "We've seen nothing to indicate that acceleration is going to wane any time soon."

In May, a federal grand jury indicted five Chinese officials for allegedly committing industrial espionage by hacking into the data systems of U.S. Steel (NYSE:X ), Alcoa (NYSE:AA ), Allegheny Technologies (NYSE:ATI ) and others.

A Chinese businessman was arrested last month for allegedly hacking into the computer systems of Boeing (NYSE:BA ), Lockheed Martin (NYSE:LMT ) and other companies that have large defense contracts with the U.S. government.

Recently cyberattacks moved into the top 10 list of global business risks, according to the Allianz Risk Barometer Survey, which polled more than 400 corporate insurance experts from 33 nations.

"It's more prevalent now than it was and harder to detect," said Murray Jennex, a management information systems professor at San Diego State University.

Yet challenges remain to raise awareness that cyberinsurance can be an effective tool to protect against the costs of repairing and defending against cyberattacks.

With $2 billion paid in cyberinsurance premiums in 2013, the specialty still makes up a small percentage of the $1 trillion total paid in U.S. insurance premiums last year, said Marsh Management Research, a division of Marsh USA.

Average coverage limits purchased by firms with more than $1 billion in revenue rose by 10% in 2013 to $28.2 million each, says Marsh. The estimated cost varies widely. A 2014 study sponsored by the software security firm McAfee estimated that cybercrime costs businesses worldwide $445 billion annually. An old Symantec (NASDAQ:SYMC ) study put that total at $114 billion — 13 years ago in 2001.

Read More At Investor's Business Daily: 
Follow us: @IBDinvestors on Twitter | InvestorsBusinessDaily on Facebook