While it feels like we've been talking about Cyber Liabilitycover for years now, the fact is, in relative terms it's still newterritory for insurers. Appropriate pricing is best determinedthrough solid analysis of a variety of data, and underwritershaven't yet been able to gather enough history on this type ofexposure to do an ideal job of quantifying this risk.

|

However, there's no denying that the threat is quite real. As ofthis writing, Sony Pictures is the latest high-profile victim of amajor cyber breach, one from which some are saying it might neverrecover. In December, the situation for Sony executives—andstockholders—went from bad to worse each day. The real lesson ofthe Sony incident is that it could happen to any company thatdoesn't focus heavily on its cyber security, no matter its size.Which is why it's concerning that A.M. Best reveals in its Fall2014 Insurance Industry Survey that 53% of insurer respondents saidthey currently do not purchase Cyber insurance for their owncompanies.

|

That's right: More than half of the insurers polled by A.M.Best—the bulk of which were primary carriers, and 68% of which werefrom the property & casualty industry—admit they do not buyCyber Liability cover. Some 30% of respondents who said they dopurchase this coverage maintain $1 million to $5 million in limits;the rest acquired slightly larger amounts.

|

This statistic is all the more alarming upon considering that15% of the responding companies admitted to having suffered a databreach or cyber attack, so it's a good bet that the real percentageis actually higher than that—and more than 37% of those insurancecompanies that were breached possessed more than $500 million incapital and surplus. The amount of surplus and capital held by thissmall concentration of large companies (about 92% of the overallpie) is disproportionate to the rest of the industry, and so too isthe amount of client data and other sensitive information theyhold. These larger, data-rich insurers present a prime target tocyber criminals.

|

The true security of data stored in the cloud is a point ofongoing debate—and A.M. Best found that nearly three-quarters (73%)of companies with more than $500 million in capital and surplus usethe cloud for storage purposes. Respondents using the cloud findvalue in it for storing client and company information, includinge-mails—and the majority of those insurers (72%) have third partiesrunning their cloud storage.

|

Third parties. That means the keys to unlocking much ofthe confidential information held by some of the largest insurersin the U.S. aren't even held internally. Think about that.

|

It's hard to ponder what the impact on the P&C insuranceindustry as a whole would be, if one of its largest companiesshould ever fall victim to a cyber attack of crippling proportions.And fooling yourself into thinking “that couldn't happen to us” isthe first step to inviting disaster. Just ask the people atSony.

|

If criminals with the technological means to do so have a motiveto steal information from you, they'll get it. It's only a matterof time. Let's hope that the P&C industry possesses enoughforesight to start talking about how it can better protect its ownhighly valuable assets, lest its executives wake up one day verysorry that they didn't.

Want to continue reading?
Become a Free PropertyCasualty360 Digital Reader

  • All PropertyCasualty360.com news coverage, best practices, and in-depth analysis.
  • Educational webcasts, resources from industry leaders, and informative newsletters.
  • Other award-winning websites including BenefitsPRO.com and ThinkAdvisor.com.
NOT FOR REPRINT

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.

Shawn Moynihan

Shawn Moynihan is Editor-in-Chief of National Underwriter Property & Casualty. A St. John’s University alum, Moynihan has earned 11 Jesse H. Neal Awards, the Pulitzers of the business press; seven Azbee Awards, from the American Society of Business Press Editors; two Folio Awards; and a SABEW award, from the Society of American Business Editors & Writers. Prior to joining ALM, he served as Managing Editor/Online Editor of journalism institution Editor & Publisher, the trade bible of the newspaper industry. Moynihan also has held editorial positions with AOL, Metro New York, and Newhouse Newspapers. He can be reached at [email protected].