A recent survey found that while Canadian firms are “ahead of the curve” when it comes to cybersecurity risk insurance, over a third (36%) of the respondents said that they have not taken out cybersecurity insurance at all.
The survey was conducted by research and consultancy firm Ovum for analytics firm FICO.
While 36% of Canadian firms said that they lack cybersecurity insurance, the figure is far better than the percentage of firms in the US that lack the coverage – 50%. The global average of firms that do not have the insurance came in at 40%.
Browse and compare product listings for Cyber Insurance from specialty market providers here
Among those Canadian firms that said they have cybersecurity insurance, only 18% say that their policy will cover all likely risks.
“Without cyber-risk insurance, organizations are leaving themselves in a very vulnerable position,” FICO Canada vice-president and managing director Kevin Deveau commented on the data.
“It’s important for businesses to assess the strength of their cybersecurity defences and to make sure they are covered if they are faced with a data breach. The ripple effect of a breach can be felt throughout the organization for a very long time, especially now that Canada’s Digital Privacy Act will require organizations to report any breaches to regulators and customers.”
The confusion over how cybersecurity insurance premiums are set might be a factor that could be preventing businesses from purchasing coverage, data suggests. Eighty per cent (80%) of respondents say insurers should do more to explain how they price risk coverage. More than a quarter of the survey’s participants (26%) say that the introduction of an established industry standard to benchmark cybersecurity risk would greatly help. In the same survey, it was found that 20% of the respondents feel that the premiums calculated based on their business do not accurately reflect their risk profile.
Related stories:
SMBs need cyber liability insurance now more than ever: Experts
SEC attention drives need for cybersecurity insurance