The Leading News & Information Service For The Facilities, Workplace & Built Environment Community

Cyber Threat Crisis? What Cyber Threat Crisis?

06 May 2016 | Updated 01 January 1970
 

While businesses state that Insurance against cyber attacks is ‘vital’ only 41% are covered for both security breaches and data loss.

The findings are according to the 2016 Risk:Value report looking at attitudes to cybersecurity and risk from NTT Com Security, the global information security and risk management company which also reported that just over a third of businesses have dedicated cybersecurity insurance.
Research among 1,000 non-IT business decision makers in organisations in the UK, US, Germany, France, Sweden, Norway and Switzerland reveals that one in 10 (12%) have no insurance cover at all for either eventuality. This is despite most business decision makers admitting that there is an increased cyber security threat and that the cost of recovering from such an attack could start from around £1.2 million.
While cyber liability insurance has become increasingly popular and can include cover for data/privacy breaches, extortion liability and network security liability, only 35% of businesses currently see the need to take a policy out, although a further 43% are getting one or thinking about it. Businesses in the USA are most likely to have this type of insurance – 51% compared with 26% in the UK. Notably, wholesale organisations (43%) are most likely to take out dedicated cyber insurance, together with business/professional services (43%) and utilities companies (39%).
Less than half (46%) of those respondents whose organisation has company insurance that covers data loss or a breach, expect it to cover legal costs. Fewer expect it to cover regulatory fines (43%), government fines (41%) and remediation (41%). Covering loss of business and loss of IP (intellectual property) is even less likely, according to the report, at 25%.

When it comes to the validity of insurance cover, half of respondents cite that lack of compliance with necessary security criteria could invalidate their insurance, while 46% feel that not complying with business policies could be a problem and 43% point to the lack of an incident response plan.
 

Quick-fix rather than strategy

“Faced with risks every day, it’s easy for organisations to look for quick-fix solutions rather than focusing on building a solid security and risk management strategy,” explained Garry Sidaway, SVP Security Strategy & Alliances, NTT Com Security.

“Rather than relying solely on an insurance policy to cover losses, businesses need a different game plan. Buy insurance by all means but ensure that you can demonstrate that you have put controls in place to reduce your risks, and what these controls cover because this way you know what is being insured. Being able to demonstrate that these controls are being tested and monitored is essential. Insurers need to know what they are insuring and the controls put in place to protect assets – this is the only way they can agree on cover.”

The NTT report also reveals that only 52% of businesses have a full information security policy, while 49% have a disaster recovery plan in place.

Picture: Garry Sidaway, NTT Com Security – 'businesses need a different game plan'




 

Article written by Robin Snow | Published 06 May 2016

Share



Related Articles

On Trend - Can Hackers Turn The Heat Off?

Ken Munro of Pan Test Partners has written a blog - the original of which and more pictures can be accessed if you Click Here  Munro says he has found...

 Read Full Article
Andromeda Strained - International Cyber Op Dismantles Botnet

On November 29, the Federal Bureau of Investigation, in close cooperation with the Luneburg Central Criminal Investigation Inspectorate in Germany, Europol’s...

 Read Full Article
NHS Seeks Friendly Fire Power In Cyber War

NHS Digital has announced (Nov 28) a £20m project to boost its ability to support the NHS with its data security - including making funds available to encourage...

 Read Full Article
WannaCry - Don't...Just Learn the Lessons

Earlier this year, ransomware took centre stage in one of the largest outbreaks ever, hitting a huge number of companies across the globe, writes Ravid Circus. There...

 Read Full Article
Phishing Docs and the Digital Signature?

Protecting digital documents and being able to verify that the sender of a file is, in fact, who they say they are, is fast becoming a major concern for many...

 Read Full Article
Ransomware - the Protection Racket

ThisWeekinFM has been making a racket about Cyber Security because vulnerabilities are exploited at a personnel and personal level - where FM's should have some...

 Read Full Article
Who's Taking on the Cyber Men?

One in five businesses have fallen victim to cyber attacks in the past year, according to the results of a survey released this week ending April 21 by the British...

 Read Full Article
Phishing, Crashing and Nicking - a Security Digest

The City of London Police’s National Fraud Intelligence Bureau (NFIB) is urging university staff to take preventative action following more than 100 reports from...

 Read Full Article
What's in a Domain Name?

An analyst report detailing how the Domain Name System (or DNS), which helps address Internet traffic to the correct recipients, is the primary source of data...

 Read Full Article
Ransomware - Universities and Students Under Attack

63% of British universities who responded to a Freedom of Information request made by SentinelOne, admit to being the target of a ransomware attack. Over half, 56%,...

 Read Full Article