Emerging trends in insurance coverage: Massive encryption attacks create urgent need for business interruption and cyber coverage

Click the button below to download the full text of the article.

Abstract: The evolving online digital threats to businesses have created an urgent need for insurance coverage products to mitigate the risk of loss due to business interruption. This need is driven by the expanded digital environment in which our information resides. The amount of data generated, transmitted and stored by businesses continues to expand at exponential rates. A related trend is that many businesses are going ‘paperless’, and an increasing number of professional services firms are storing all their data in the Cloud for enhanced security.

Unfortunately, the more valuable the target, the more likely that it will be attacked. Consequently, malicious actors continue to follow the data into the cloud, which is not immune to data breaches. Businesses of all sizes, and in all sectors, continue to be targeted. If they have sensitive data (and most do), it can be stolen and monetised. If they have operational data (and all do), it can be encrypted and leveraged for extortion. If that were not enough, the cost of data security incidents continues to rise, in part due to increased regulation. All this is causing risk managers to pursue, with a sense of urgency, expanded business interruption and cyber insurance coverage to help mitigate both first and third-party economic risks. This paper reviews the trends in online digital threats, the corresponding trends in insurance coverage, and enterprise risk management measures that can be taken to better protect sensitive and operational data and mitigate the economic harm from data security incidents.

KEYWORDS:  cyber security, data privacy, cyber insurance, risk mitigation, insurance coverage, business interruption