While legislation is important, we should avoid seeing cyber insurance exclusively through this lens. Its important to stress that while notification laws might prompt consideration of cyber amongst businesses and seem to be driving claims, cyber insurance is not just about covering the losses associated with a data breach. Its much broader than that and our data shows it provides cover for a whole host of cyber-related risks, ranging from theft of funds and cyber extortion to system damage and business interruption.
For example, non-malicious data breaches refer entirely to those caused by lost laptops and other devices or doing things like inadvertently sharing sensitive data. In addition, many funds transfer fraud requests are due to employees failing to follow-up urgent wire transfer requests with a phone call. Even malicious data breaches, ransomware and extortion claims often begin with hackers gaining system access through phishing links, which employees unwittingly click on.
The second is also something briefly touched upon already real-time payment facilities. The UKs funds transfer fraud rates are noticeably higher than other regions, and the main driver of this difference is the UKs implementation of the Faster Payments Service (FPS), which allows businesses and consumers to transfer funds instantaneously instead of it taking the day or two it might take in other territories.
This is a good backward look but does 2019 have anything new in store for us?
Secondly, when it comes to data breaches, there's a misconception that a large part of the costs stem from notifying individuals, but we're finding this to be one of the cheapest aspects of these types of claims. Instead, consequential reputational harm from data breaches is proving very costly and these types of claims are amongst our most severe.
And finally, with the potential for costly business interruption events on the rise, we believe that more industries will consider cyber insurance, such as manufacturing. After all, its not just businesses that hold sensitive data who are exposed anymore its every business.
Original article posted by CFC Underwriting.
This guide is for information purposes and based on sources we believe are reliable, the general risk management and insurance information is not intended to be taken as advice with respect to any individual circumstance and cannot be relied upon as such.