Senior Security Heads Don’t Trust Cyber Insurance Products Featured

Senior Security Heads Don’t Trust Cyber Insurance Products

New insurance products launched to protect businesses from suffering the losses of cyber-attacks have been met with great scepticism, according to new figures revealed today.  A survey of senior information security professionals, whose organisations are members of KPMG’s International Information Integrity Institute (I-4), found that the most common reason for not purchasing a cyber insurance policy was the belief that insurers would not actually pay out on a claim.

Distrust around insurers honouring their contracts is leaving businesses vulnerable to the effects of cybercrime. Seventy-four per cent of those surveyed stated their businesses had no cyber insurance in place. This is despite 79 per cent believing that cyber security threats are likely to increase over the next twelve months, with three quarters (74 per cent) perceiving organised crime and state sponsored activity to pose the biggest threat. For those whose businesses have purchased cyber insurance, 48 per cent think that the policies may not pay out if they need it. 

 
Mark Waghorne, Head of KPMG’s International Information Integrity Institute, says, “It is worrying to see that so many businesses would rather risk having no insurance in place to protect themselves against a threat they believe is very real. It is also disappointing that cyber insurance is viewed as providing little comfort to those who have it, as almost half don’t believe they would be compensated properly if push came to shove.

“Of the information security professionals we spoke to, 30 per cent believed the market for cyber insurance does not appear to be sufficiently mature yet. Insurers will need to deliver more comprehensive packages in order to convince the business community that they can and will protect against losses on cybercrime.  However, discussions during a later debate at the most recent I-4 Forum showed that the availability of specialist, focussed cyber related insurance has much improved during the past year with clear evidence that carriers do pay out. Indicating that those organisations which have avoided cyber insurance in the past should perhaps revisit their positions.” 

back to top