A series of headline making cyber-attacks on big name organizations, including Sony and Citibank, has lead to a dramatic spike in the demand for cyber security insurance.
Companies and government organizations are seeking financial protection against cyber-attacks, and are taking out insurance policies to cover costs associated with a breach, including administrative costs, government issued fines, and civil suits.
In the case of Sony, hackers infiltrated the company’s networks and accessed personal information from more than 100 million user accounts. Sony was forces to shut down their online gaming network for close to a month, and the costs associated with the attack are estimated to reach $172 million in security upgrades, legal fees, compensation, and administrative costs.
According to Kevin Kalinich, co-managing director at Aon Corp.’s professional risk group, the price tag related to cyber-attacks exceeds $20 million in less than five percent of cases. Many large corporations, however, have taken out policies to protect themselves against losses up to $200 million. With the scope of attacks ever-increasing, more and more organizations are opting to err on the side of caution.
On a lesser scale, a number of local government organizations have taken out smaller policies to protect themselves against cyber-attacks, and the associated costs not covered by their general liability policies.
Although cyber insurance is a relatively new practice, insurers and insurance brokers say business is booming, and many predict within five to ten years it will be the norm.