The 2019 Information Security and Cyber Risk Management Survey is out from Advisen, the leading information vendor for the insurance industry, and finds that risk managers now identify business interruption as a top risk along with the traditional leader, data breach – and that the insurance industry needs to catch up.
“In order to be of more value to buyers, the cyber policy’s business interruption coverage may need to evolve in sophistication, becoming more like the business interruption coverage available for other perils,” Advisen concludes.
Many survey respondents find cyber business-interruption policies “too generic”, a result, Advisen suggests, of insurers adapting policies mainly aimed to protect data holders. “Current coverage offered by the market is OK for retailers or others that customers avoid after a breach,” the report quotes one respondent, “(i.e., I’m not shopping at Target), but doesn’t really work for companies like mine — real estate, leases in place, so no immediate revenue drop, but may not be able to secure new tenants due to breach.”
Among business-continuity cyber risks, the surveyed risk managers ranked as the top five:
With the RiskLens Platform, built on the FAIR model for quantifying cyber and operational risk, organizations make insurance purchase decisions informed by a clear picture of their top risks based on probable financial loss – in fact, the platform incorporates Advisen data to help risk analysts refine their estimates based on industry-wide data in addition to the organization’s own loss experience. This latest Advisen survey is a useful warning that the burden is on cyber insurance buyers to know their risks—and quantify before they buy.
RiskLens is leading a revolution in the way cyber risk is assessed, measured and managed by bringing to market a Software as a Service solution that makes cyber risk quantification a reality.
We help organizations translate cyber risk from the technical into the economic language of business.