Protection from cyber threats will become even more important in 2017 — and cyber insurance needs to mature to keep pace, according to two experts from cybersecurity firm Telos Corporation.
Writing for VirginiaBusiness.com, Telos CEO and Chairman John B. Wood and chief security officer and senior vice president Rick Tracy said cyber insurance still has some maturing to do, primarily because the concept of cybersecurity is still in its infancy compared to other risks.
“Because cyber is so new, relatively speaking, there isn’t a great deal of actuarial data to help insurance carriers underwrite cyber risk,” they wrote. “The aggregate effect of cyber risk and the financial liability it poses are critical concerns for the insurance industry.”
But cybersecurity is a growing concern. Cyber attacks have increased over the last few years, and they’ll only get worse as time goes on, Wood and Tracy predicted.
“For example, as bad as the Target breach was, what if there had been multiple, similar breaches that occurred simultaneously?” they wrote. “What impact would this have had on the insurance carriers providing cyber liability coverage to these companies?”
Cyber insurance providers need to take a more holistic approach to viewing cyber risk data, Wood and Tracy maintained.
“Moving forward, not only will it be important for insurance companies to better understand the risks facing individual clients, but they will need to view this data over their entire portfolios to understand aggregate risk and ensure they are not over extended,” they wrote. “The good news is that the insurance industry is beginning to rely on the National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) to help standardize the view of cyber risk and ultimately manage aggregate, or portfolio, risk.”
Related stories:
Private cyber insurance provides adequate risk coverage: study
Morning Briefing: Cyber insurance market set to reach $14 billion