More Businesses Buying Cyber Insurance against Security Risks
Cyber hacking, which gained more attention a few months ago when Target experienced a massive data breach, has become such a security risk that businesses are now rushing to buy insurance coverage against the threat of their customers’ information being compromised.
In Target’s attack, more than forty million credit cards and debit cards had information—customer names, card numbers, card expiration dates, security codes, and PINs—stolen when customers checked out at Target stores last holiday season.
However, the nation’s third-largest retailer has $165 million of insurance that could be used to help pay claims. Its coverage, according to industry reports, is composed of at least $100 million of cyber insurance, including self-insured retentions, and $65 million of directors and officers liability coverage.
According to Mondaq, which analyzes legal and financial issues, Target’s insurance polices could help cover “costs of notifying customers of a data breach, offering credit monitoring services, and defense costs and damages for any resulting lawsuits. They may also cover any data or systems lost or destroyed as a result of a hack. Some policies may also cover any resulting loss of revenue, or even damage to a company's reputation following a data breach.”
In the wake of Target’s hacking attack, specialized cyber risk insurance policies have been cropping up, and businesses are making sure they’re covered.
“In today’s age and situation and in the wake of the TGX event, people should have had [directors and officers] coverage,” Craig Johnson, president of retail consulting and research firm Customer Growth Partners LLC, told MarketWatch. “I suspect ever since the Target data breach broke, other retailers reviewed their coverage and ramped it up.”
Though it’s been around for a decade, cyber insurance has only recently seemed like a necessity. Where recently businesses mostly wanted to buy insurance to mitigate losses if a fire destroyed their offices and computer equipment, now they’re finding that the information on those computers is just as valuable—and could be just as costly.
“Awareness of cyber and privacy risks continues to grow, especially in the wake of a number of highly visible data breaches, hacking attacks, litigation, and increased government focus on cyber security,” Bob Parisi, network security and privacy practice leader for insurance broker Marsh, said in a press release. “As a result, companies are now looking to manage their day-to-day cyber risks in the same way they do more traditional risks—through the purchase of insurance.”