security, penetration test

Senior information security officials in U.K. do not trust cyber insurance products will pay out: KPMG

New insurance products meant to protect businesses from cyber attack-related losses are being met with skepticism in the United Kingdom, with just shy of half of polled senior information security officials reporting that the thought their policies would pay out, notes a survey released Friday by KPMG International.

In all, 48% of survey respondents – whose organizations are members of KPMG’s International Information Integrity Institute (I-4) – reported that they think their respective cyber policy may not pay out if they need it, notes a statement from KPMG LLP, a U.K. limited liability partnership that operates from 22 offices across the United Kingdom.

That lack of trust was also evident among those survey respondents had, in fact, not purchased cyber insurance policies. The survey found the most common reason for not purchasing a cyber insurance policy was the belief that insurers would not actually pay out on a claim.

While 79% of respondents reported believing that cyber security threats are likely to increase over the next 12 months, 74% of poll participants stated their businesses had no cyber insurance in place. The biggest perceived cyber threat, cited by 74% of respondents, was organized crime and state-sponsored activity.

“Distrust around insurers honouring their contracts is leaving businesses vulnerable to the effects of cyber crime,” notes the KPMG statement.

“It is worrying to see that so many businesses would rather risk having no insurance in place to protect themselves against a threat they believe is very real,” Mark Waghorne, head of KPMG’s I-4, says in the statement.

Waghorne reports that 30% of the information security professionals polled believed “the market for cyber insurance does not appear to be sufficiently mature yet. Insurers will need to deliver more comprehensive packages in order to convince the business community that they can, and will, protect against losses on cyber crime.”

That said, he notes that following discussions during a later debate, it was shown that “the availability of specialist, focused cyber-related insurance has much improved during the past year, with clear evidence that carriers do pay out.”

Read more here – http://www.canadianunderwriter.ca/news/senior-information-security-officials-in-u-k-do-not-trust-cyber-insurance-products-will-pay-out-kpmg/1003603697/?&er=NA

Blog English, Cyber Security