The survey found various reasons for how companies arrived at their particular limits, but 36% said the limit was proposed by their broker and 15% said they reviewed the level of exposure with a third-party cyber risk management firm.

Plan B: Just say no

Some companies take a look at the cost of coverage and balk. Overly says, "One of the fundamental deciding factors [for not getting it] is that it's expensive."

Another concern: a few high-profile cases, including those involving Sony and the University of Utah, in which the insurer and the organization filing a claim wound up in court.

Tipton, whose organization decided not to buy cyber insurance, worries that firms that do purchase cyber insurance can become lax. "A company should not let complacency set in just because they are insured," he warns. "Negligence is not insurable, nor is your reputation or stock price if due diligence is not practiced."

More important, Tipton maintains, insurance couldn't help his firm recover the most valuable thing it would lose should a breach occur: its reputation.

"The reputational damage would be huge, and insurance couldn't fix that, so we spend our effort and time securing [our systems]," he says -- while acknowledging that, without insurance, the company would be on the hook if a significant breach were to happen. "There is no such thing as being 100% risk free. Our job is to evaluate and manage our risks -- not to try and eliminate all risks."

Not surprisingly, Chubb's Goldstein counters that position, saying that organizations might find that they can survive the hit to their reputation -- not all breaches are made public, after all -- only to realize that the costs of repairing other damage will do them in.

"You'd hate to assume you'd be out of business because of reputational damage, only to find what sunk you wasn't the reputation but the cost of the liability," he says.

