Greg Vernaci, senior vice president and head of cyber, U.S. & Canada, financial lines, at American International Group Inc., said interest in cybersecurity insurance “has reached a tipping point in the U.S. and has been fueled by the increased attention from the SEC on investment advisers and asset managers.”
High-profile security breaches at such familiar names as Target Corp, and The Home Depot have also raised awareness of cybersecurity sufficiently that money managers are buying progressively more cybersecurity insurance as a supplementary measure to their technology security strategies with the intention both of fending off data breaches and handling the consequences if security fails.
As of the start of this year, the proportion of U.S. institutional money managers with cybersecurity insurance coverage stood at approximately 30% of U.S. institutional money managers; this stands in contrast to the figure for the same time in 2014, which was significantly smaller at 5%.
Driving this move above and beyond even to hard-to-ignore news stories covering the hacking of major retailers is a new round of manager reviews by the Securities and Exchange Commission under its Regulation Systems Compliance and Integrity rule.
As part of the new round of Regulation SCI reviews, which focus on firms' technology safeguards in the event of a breach or a system failure, the SEC wants to know what, if any, cybersecurity insurance managers have.
