Federal and state efforts to deter cyber threats are being discouraged by large companies because in most cases they will raise compliance costs, according to a top insurance industry official.

Peter Foster, executive vice president of Willis North America and the broker's resource for global network security and privacy, made the observation in the wake of a Senate panel's action on legislation that will give U.S. officials strong authority to combat computer espionage and theft of valuable commercial data.

The bill, reported out by the Senate Intelligence Committee Tuesday, must be approved by the full Senate and reconciled with similar legislation that passed the House of Representatives in April.

Foster said interest in cyber insurance is growing, and is projected to reach $1.4 billion in annual written premiums in 2014. This compares to $1 billion in annual written premiums in 2012.

Foster said the view of major corporations is that more legislation means more paperwork and more compliance costs. He also noted that large companies fear greater legislative involvement because it means fines will be levied on companies for non-compliance.

On another issue, Foster said the insurance industry is hopeful that legislation reauthorizing a federal backup for terrorism risk insurance will contain a cyber component, but officials are unsure.

The “Cybersecurity Information Sharing Act” reported out by the Senate committee in a closed session Tuesday would require the director of national intelligence to increase the sharing of classified and unclassified cyber threat information to the private sector, consistent with the protection of sources and methods.

The bill would also offer liability protections to companies that appropriately monitor their networks or share cyber threat data and limit the government's ability to use data it receives.

The bill is sponsored by Sens. Dianne Feinstein, D-Calif., and Saxby Chambliss, R-Ga., chairman and ranking minority member, respectively, of the Intelligence panel.

Sens. Ron Wyden, Oregon, and Mark Udall, Colorado, both Democrats and members of the intelligence committee, said after the vote that they had opposed the bill because they felt it did not include sufficient privacy protections.

At the same time, there are signs that the Intelligence Committee bill has bipartisan support in the House. The Republican chairman and top Democrat on the House Intelligence Committee issued a statement on Tuesday backing the measure and urging the full Senate to vote quickly.

Foster said interest in cyber insurance is growing across the board, with special interest from regulated institutions, such as financial companies, healthcare-related businesses, point-of-sale retailers and technical service providers.

There is also growing interest from manufacturers, Foster said.

Foster said widely-publicized breaches do cause an “uptick” in demand, and noted cyber insurance has shown 20% annual growth over the last five years.

Interestingly, there is growing interest from insureds to buy this product through the admitted market. “Our clients are asking for 'written paper,' as underwriters become more comfortable to move from surplus to the written market,” he said.

Foster said the number of underwriters writing this risk is growing, estimating that 50 underwriters are now providing a stand-alone policy.

He said that despite growing demand, rates on cyber insurance policies are remaining steady. “Competition is definitely keeping premiums steady, but recent losses are affecting rates,” Foster said.

Moreover, he said, “Growing regulatory interest is also impacting rates.”

He also said that the only area where rates are going up is point-of-sale retail.

In a new white paper, the Insurance Information Institute said Congress is proposing legislation because of a rising number of high profile mega data breaches—most recently at eBay, Target and Neiman Marcus.

The I.I.I. white paper said that this is leading to increased calls for legislation and regulation, “placing the burden on companies to demonstrate that the information provided by customers and clients is properly safeguarded online.”

Robert P. Hartwig, I.I.I president, said, “Clearly, given that there is bipartisan support for cyber-related action, and there is also support within the Obama administration for legislation, this issue will be with us for a long time,” regardless of whether there will be action this year.

Special Reports /

Large companies wary of Senate cyber bill, but there is wide support in Washington

Related Stories

Recommended For You