Despite all the headlines, remarkably few payouts have actually been made. That looks set to change…:
A recent report by the Association of British Insurers found that a surprising 99 per cent of claims made under cyber insurance policies held by its members were paid in 2018.
Perhaps more surprising are reports that only 207 claims were made in 2018.
Anecdotal evidence tends to show that the number of cyber breaches is growing exponentially, particularly as they become ever-more sophisticated.
The fall-out from cyber breaches can be huge in terms of theft of data and funds, disruption to business, loss of customer trust and costs associated with auditing systems and repairing damage. The damage to reputation caused by these attacks can be substantial, and the fines levied by the Information Commissioner’s Office (ICO) could destroy profit and put firms out of business.
Perhaps the slow start in issuing fines under General Data Protection Regulation has contributed to the relatively low uptake in insurance to cover this type of risk. While the ICO has now had powers for more than a year to impose fines of up to the higher of €20 million (£17.9m) or 4 per cent of global annual turnover, it is only relatively recently that it has started to flex its muscles.