Businesses are buying Cyber insurance “in a mad panic”

Cyber attacks are only becoming more powerful and frequent. Annual losses from cyber crime now top £290 billion, the Centre for Strategic and International Studies Estimates.

Charl van der Walt of SecureData says that so many businesses are buying cyber insurance “in a mad panic”.

Ransomware, which became popular in 2016, is particularly common. It involves freezing and encrypting all your data so you cannot access it. It then threatens to delete it all unless you pay a ransom through bitcoin.

Businesses have stocked up on Bitcoins just in case they need to pay a ransom quickly.

The reason so many businesses pay the ransom is that there is a lot of underlining costs associated with a cyber breach including payment for loss of data, PR and legal costs, cost to rebuild data, and reputational costs to the company.

May 2018 sees the start of the EU’s General Data Protection Regulation (GDPR). If regulators think you haven’t protected customers’ personal data adequately, they could fine your business. This fine is up to 4% of your turnover or £20 million – whichever is greater.

The Pressure is on for Businesses to Ensure Their Cyber Security is Adequate

There are now more than 70 insurers offering cyber insurance via Lloyd’s London. This number has doubled since just a few years ago. One insurer, Hiscox has seen annual growth of around 40%.

But how do Cyber Insurers know how to calculate the risk accurately?

Gareth Wharton from Hiscox says “Cyber isn’t like car or house insurance where the risks are known and the products haven’t changed that much. The types of risk are changing all the time and there’s no easy way of quantifying the cost of stolen data.”

Mr Wharton goes on to say that the first thing cyber insurers need to understand is how seriously the board takes cyber-security.

The following items are checked by insurers when assessing cyber risk:

  • Is there a Disaster Recovery plan and if so how often is it tested?
  • The presence of Anti-Virus.
  • The presence of a Firewall.
  • How often are security patches pushed?
  • Is there back-up and if so, how often is it tested?
  • Is critical data encrypted?


Nik Whitfield, Chief Executive of cyber risk assessment company Panaseerm says “Businesses must understand that cyber insurance is not a silver bullet – you don’t get car insurance and drive like a maniac”.


If you would like to find out more about your businesses cyber security, and what you can do to improve it, call us on 01273 806211 or email [email protected].