Tech-giant Yahoo is facing the fallout from its second revelation this year of a major data-breach, after the company confirmed Wednesday that it had suffered another hack.
Data from over one billion user accounts was compromised by a third-party in August 2013 – double the number of the previous breach which Yahoo reported in September – making it the largest known data breach in history.
But while unprecedented in size, the Yahoo attack is just the latest in a string of cyber-crime events against private corporations, and even governments, which are helping to fuel the demand for cyber insurance.
“We’re starting to see more and more focus on the fact that cyber can be more than just personally identifiable information (PII),” Christine Terplan, Partner, Clyde & Co, told
Insurance Business at a cyber-focused event on Wednesday.
The CIA confirmed this month that during the U.S election, the U.S Democratic National Committee (DNC) received numerous phishing emails, one of which led to Russian hackers accessing thousands of emails in the private inbox of John Podesta, chairman of Hillary Clinton’s campaign – which the CIA says may have influenced the election.
While it’s hard to determine whether cyber events are actually becoming more frequent – or whether they are just more frequently reported on – they are certainly becoming more high-profile.
President-Elect Donald Trump lists cybersecurity as a key priority on his website, stating that he will order an immediate review of all U.S. cyber defenses and vulnerabilities, including critical infrastructure, and he has spoken of cyber-crime as a national security issue.
Terplan said that historically, U.S cyber laws have focused on PII, with no overarching federal laws outside of the healthcare space – but that could change when Trump takes office.
With the U.S cyber market far-outstripping other regions, that could have knock-on effects on the global market.
Here in Europe, the landscape looks a little different.
“In Europe we’ve got moderately weak but broad regulations at the moment, but that’s going to change,” said Nigel Brook, UK partner at Clyde & Co.
The upcoming GDPR, coming into force in 2018, “is going to ramp things up,” Brook said, but will be a strengthening rather than a change in direction.
As it becomes clear that the effects of cyber-crime extend farther than simple loss of data – and can in fact range from business interruption to even influencing an election – insurers need to ensure that they are informed as to the spectrum of risks, but the cyber insurance market seems set to boom regardless.
“Nothing else is growing as quickly as cyber,” Bob Parisi, cyber product leader for brokerage
Marsh, told the
Wall Street Journal.
“Some of the leading carriers are telling us they are doubling their book every year.”
Related stories:
Yahoo discovers another data breach, reveals one billion accounts exposed
What trends will impact insurance in 2017?
