Insurance Against Cyber Attacks Gains Steam Alongside Rising Risk

Cybersecurity persistent threats

San Antonio—The news spotlight has shifted away from cybersecurity concerns in the weeks since the outbreak of the WannaCry cyber-hack.

But Bill Kelly, senior vice president for underwriting at insurer Argo Pro in San Antonio, says the threat of cyber attacks is ever present. “There’s many you don’t hear about because companies don’t want to publicize them and it’s not legally required to report every incident,” he says. “As more and more people and devices become ‘connected’ and companies and economies continue to advance technologically, the exposure to cyber incidents will grow and opportunities for criminals and hackers will increase.”

On Friday, British security officials concluded that a North Korean-affiliated group was responsible for the WannaCry virus last month, according to media reports. The National Cyber Security Centre, which is affiliated with the British intelligence agency GCHQ, believes that the Lazarus Group was behind the ransomware which, most prominently, affected Britain’s National Health Service. Lazarus is also believed responsible for the 2014 hack of Sony Pictures.

Such deliberate efforts to use cyber tools to disrupt business activity, the delivery of healthcare, and other crucial commercial interactions will continue to be part of the risks companies must plan for, Kelly adds. And insurance companies like Argo are developing software tools to help business assess those threats in order to offer insurance policies specifically targeted to cyber insecurity.

Traditional errors and omissions insurance policies don’t explicitly say that customer data is protected, Kelly says, such as personal tax return information that is taken through a cyber attack or even taken from a laptop that the customer left in the back of a taxi, for example. “We rewrote all of our forms,” he says. “ We thought, let’s just explicitly say it.”

Cyber insurance is a growing market. According to the Insurance Information Institute, more than 60 carriers now offer stand-alone cyber insurance policies, with about $3.25 billion in gross premiums underwritten last year in the U.S.

Argo is a mid-sized insurance carrier and sells cyber insurance as a secondary, or “excess,” layer of insurance on top of other coverage. That means

Pages: Page 1, Page 2

Author: Angela Shah

Angela Shah was formerly the editor of Xconomy Texas. She has written about startups along a wide entrepreneurial spectrum, from Silicon Valley transplants to Austin transforming a once-sleepy university town in the '90s tech boom to 20-something women defying cultural norms as they seek to build vital IT infrastructure in a war-torn Afghanistan. As a foreign correspondent based in Dubai, her work appeared in The New York Times, TIME, Newsweek/Daily Beast and Forbes Asia. Before moving overseas, Shah was a staff writer and columnist with The Dallas Morning News and the Austin American-Statesman. She has a Bachelor's of Journalism from the University of Texas at Austin, and she is a 2007 Knight-Wallace Fellow at the University of Michigan. With the launch of Xconomy Texas, she's returned to her hometown of Houston.