Sneak Peek: Cyberrisk and Cyberinsurance

0 May 9, 2016 at 8:30 am by

The release of our upcoming study on the risks of digital interconnectedness, a.k.a. cyberrisks, is just 5 weeks away; time to give our readers a first peek at some of the data and/or conclusions.

For the study, we surveyed 800 insurers and 1,000 non-insurance companies, i.e. insurance clients – although not necessarily clients for cyber insurance. (Guessing game: how many of our sample have cyber cover?) Many of our questions were the same for both samples allowing some nice comparisons; i.e. we asked the companies “what do you…” and the insurers “what do you think your clients…”.

Today, we will look at one aspect without comparing: how well is the world prepared for risks of digital interconnectedness? Depending on your expectations, the answer is either “not nearly enough” or “better than I feared”: using a scale based on the Cybersecurity Capability Maturity Model, slightly more than half of companies report readiness either 2 or 3 (on a 0-3 scale), but only 14% report a 3.

Does that readiness include cyberinsurance? See for yourself:

image_thumb2

The answer seems to be “yes, but not much”.

On the other hand, insurance helps limit business damage after an incident, but doesn’t prevent the incident per se. So certainly, companies that experienced a cyberincident tend to be better prepared? Nope:

image_thumb3

Not very reassuring charts. Downright scary when you consider a remark by an acquaintance of mine who underwrites aviation insurance: “The question isn’t whether an airplane will be hacked, but when…”

Stay tuned for more peeks.



Disclaimer
Note: By submitting your comments you acknowledge that insBlogs has the right to reproduce, broadcast and publicize those comments or any part thereof in any manner whatsoever. Please note that due to the volume of e-mails we receive, not all comments will be published and those that are published will not be edited. However, all will be carefully read, considered and appreciated.