Good news: survey shows the number of UK organisations without cybersecurity insurance has fallen. Bad news: only 38% say their policy covers all risks.
According to the second annual cybersecurity survey from research and consultancy firm Ovum, which conducted the poll on behalf of analytics company FICO, the percentage of UK businesses reporting they are uninsured against cyber threats has declined from 31% in 2017 to 10% this year. Across all 11 countries surveyed – the UK, the US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden, and South Africa – the figure stands at 24%.
However, while more firms in the UK now have cybersecurity in place in the form of insurance, the same poll found that not even half of the British respondents are protected by comprehensive coverage. In fact, most businesses described their cyber insurance as not being based on an accurate assessment of their firm’s individual risk.
“Although UK organisations perform well in terms of the uptake of cyber insurance, the fact that fewer than 40% have comprehensive insurance demonstrates there is still some way to go for these firms to have a broad view of their security posture and how to present it for insurance,” noted Ovum research director Maxine Holt. “It could also show that these companies have a current security posture that insurers are not prepared to cover comprehensively.
“We should not detract from the positive news here; 90% of UK organisations have elevated the importance of cybersecurity to a level that requires insuring, even if only partially.”
The global poll involved a total of 500 senior executives, mostly from the IT function, in the sectors of financial services, telecommunications, retail and e-commerce, and power and utilities.