Hackers are wreaking havoc on big organizations, but they’re also spurring a new market – cyberattack liability insurance.
Once-complacent businesses, stung by debilitating cyberattacks at Target Corp., JPMorgan Chase Co. and other well-known companies, are on a cyberattack insurance shopping spree.
“Everyone’s swamped with new applications,” said Nick Economidis, an underwriter at cyberattack insurance provider Beazley Group.
The hack of health insurer Anthem Inc.’s computer system – a breach disclosed last week affecting up to 80 million customers – is bound to create more demand.
Spending on cyberattack insurance nearly doubled in 2014 from 2013, to about $2 billion, according to industry analysts.
Insurance offices are struggling to keep pace. Nearly every insurance agent polled last fall by reinsurer PartnerRe Ltd. reported growing demand for cyberattack liability insurance, with 45 percent reporting a “significant” uptick. Beazley said the number of policies in its book rose 150 percent from 2012 to 2013 and 100 percent from 2013 to 2014.
Ty Sagalow, an industry consultant and former chief operating officer for AIG’s EBusiness division, said the growing sense that cyberattacks are no longer unusual events dials up the fear.
“Think of a massive cyberattack as an intelligent hurricane,” he said. “If it hits a house that doesn’t fall down it learns why the house didn’t fall and it changes. “It is a scary thing. … Scary things sell insurance.”
The insurance policies can cover the long lists of costs and losses, including patching holes in computer networks, locating culprits, notifying affected consumers and battling lawsuits, as well as foregone business and public relations campaigns.
As the costs of cyberattacks rise, insurers are limiting their maximum payouts and requiring high deductibles, said Karl Pedersen, senior vice president at insurance brokerage and risk advisor Willis.
Target spent $248 million after hackers stole 40 million payment card accounts and the personal information of up to 70 million customers. The insurance payout, according to Target, will be $90 million, leaving the company $158 million in the hole – plus what it paid for the insurance.
Home Depot reported $43 million in expenses related to its September 2014 hack.
Copy the Story LinkSend questions/comments to the editors.
Success. Please wait for the page to reload. If the page does not reload within 5 seconds, please refresh the page.
Enter your email and password to access comments.
Hi, to comment on stories you must . This profile is in addition to your subscription and website login.
Already have a commenting profile? .
Invalid username/password.
Please check your email to confirm and complete your registration.
Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.
Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.