A recently published article in the L.A. Times titled “Spending On Cyberattack Insurance Soars As Hacks Become More Common,” takes a look at the evolution of cyberliability insurance over the past couple of years. While the insurance industry tried to justify the need for cyberliability policies a few years ago, that is no longer the case. Each new breach substantiates the need for companies to consider purchasing cyberliability coverage. The following are key takeaways from the article:
- “Spending on cyberattack insurance nearly doubled in 2014 from 2013, to about $2 billion.” Insureds are gaining an understanding of the importance of cyberliability insurance in the same way they understand they need property insurance for hurricanes.At present, it is nearly impossible to find any other segment of the insurance industry that has doubled its volume in a year.
- TheA. Times article also presents the perfect opportunity to once again consider the staggering costs associated with data breaches. Although insureds understand these numbers and understand the safeguards cyberliability insurance can provide, the numbers bear repeating:
- “Target spent $248 million after hackers stole 40 million payment card accounts…the insurance payout, according to Target, will be $90 million, leaving the company $158 million in the hole…”
- “Home Depot reported $43 million in expenses related to its September 2014 hack, which affected 56 million credit and debit card holders. Insurance covered only $15 million.”
- “…Sony Corp. announced a $15-million tab from the hack against Sony Pictures Entertainment a few months ago, but would say only that it received a ‘substantial portion’ back from insurance.”
The February 9, 2015, article quotes Ty Sagalow, former chief operating officer for AIG’s EBusiness division, as stating: “Think of a massive cyberattack as an intelligent hurricane…If it hits a house that doesn’t fall down it learns why the house didn’t fall and it changes.” We should not lose sight of the fact that data breaches and cyberattacks are easily understood perils.
Cyberliability insurance until recently has mostly been purchased by big corporations. Now, according the article, “smaller companies are now flooding into the market, industry watchers say, partly driven by mandates from companies with which they do business.