Cyber Security Insurance Market

Cross-industry standards could spur more affordable cyber security insurance.

William Jackson, Technology Writer

April 21, 2014

2 Min Read


Download the entire May issue of InformationWeek Government, distributed in an all-digital format (registration required).

One big question hangs over the NIST Framework for Improving Critical Infrastructure Cybersecurity: Will the operators of the nation's critical infrastructure use it?

The voluntary recommendations reflect industry's best cyber security practices, but self-interest and prudent risk management may not be enough to compel critical-infrastructure owners to adopt the framework. One incentive would be if compliance with the framework makes it easier and cheaper for companies to get insurance to cover cyber security incidents.

Various insurance industry sources estimate that cyber security insurance generates annual revenues of $1 billion to $2 billion -- most of it in the US. Double-digit growth is expected in coming years. But business requirements and government regulations, not insurance requirements, still are driving cyber security investments, says Thomas Reagan of the Beazley Group, which has been underwriting cyber security insurance policies since 2000. Beazley helps clients assess their exposure to cyber security risk, "but there is no bright line that is going to be a guarantee of security," he says. "The risk is going to be what it is."

[Learn more about NIST's cyber-security framework. See Protecting Critical Infrastructure: A New Approach.]

Reagan has seen the market evolve over the past decade. Since the late 2000s, it became apparent that the risk from breaches isn't just in the lost data, but also in the recovery costs, including the costs of forensic and legal assistance, notification, and credit monitoring, as well as crisis management and public relations.

A common framework for evaluating a company's security status could streamline assessments for an insurance policy, Reagan says, and put a strong emphasis on response: "When a breach happens, it's not the end of the road. It's the beginning of another road. Protection is not enough. You have to be ready to respond."

To read more,
download the May issue of InformationWeek Government
distributed in an all-digital format (registration required).

 

About the Author(s)

William Jackson

William Jackson

Technology Writer

William Jackson is writer with the <a href="http://www.techwritersbureau.com" target="_blank">Tech Writers Bureau</A>, with more than 35 years' experience reporting for daily, business and technical publications, including two decades covering information technology and cybersecurity in the federal government. You can read his column <a href="http://www.techwritersbureau.com/the-cybereye-column.html" target="_blank">The Cybereye</A>.

See more from William Jackson
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

cybercrime abstract with two locks
Cyber Resilience
10 Cyber Incident Response Tips From Those Who've Had a Breach and Lived to Tell About It10 Cyber Incident Response Tips
bySara Peters
May 8, 2024
6 Min Read
DNA (deoxyribonucleic acid) strand, illustration.
Data Management
DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?
byRichard Pallardy
May 7, 2024
15 Min Read
Paul Nakasone, former director of the National Security Agency, and a former commander of US Cyber Command, speaks at the RSA Conference 2024.
Cyber Resilience
Four Horsemen of Cyber Reunite at the RSA ConferenceFour Horsemen of Cyber Reunite at the RSA Conference
byJoao-Pierre S. Ruth
May 9, 2024
6 Min Read
Technologist and author Bruce Schneier addresses the crowd at RSA Conference 2024 about the future impacts of AI on democracy.
Machine Learning & AI
Bruce Schneier: 5 Ways AI Could Shake Up DemocracyBruce Schneier: 5 Ways AI Could Shake Up Democracy
byShane Snider
May 8, 2024
6 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now