FM Global warning - cyber insurance may create false sense of security

Research shows how much CFOs expect from their insurance policies

FM Global warning - cyber insurance may create false sense of security

Insurance News

By Mina Martin

New research by FM Global has suggested that cyber insurance may create a false sense of security among senior financial executives at some of the world’s major companies.

The FM Global-commissioned study found that seven in 10 senior financial executives at the world’s largest companies believe their insurer would cover most or all of the company losses caused by a cyberattack – despite some losses being nearly impossible to insure.

The poll of more than 100 chief financial officers (CFOs) and other senior financial executives showed that 45% of respondents expected their insurer to cover “most” related losses from a cyber security event, while a further 26% expected their carrier to cover “all” related losses.

Most of the effects these financial executives expect to experience in a major cybersecurity breach, however, aren’t typically covered by insurance policies, said FM Global. These effects include degradation of the company’s brand/reputation (46%), increased scrutiny from the investment community (40%), decline in revenue/earnings (38%), introduction of regulatory compliance problems (35%), decline in market share (24%), and decline in share price (24%).

Furthermore, 53% of senior financial executives expected cyber insurance to cover “new costs to mitigate the loss”. While it’s true that some of these costs, including expenses related to restoring data or equipment, litigation, and customer notification, would be covered by insurers, the rest of the listed costs in the study would have to be shouldered by the victimized company.

“As essential as cyber insurance is, the findings indicate financial executives may be deriving a false sense of security from it,” said Kevin Ingram, executive vice president and chief financial officer at FM Global. “While insurance is an essential part of the risk management formula, there are losses related to a cyberattack that insurance cannot cover—like damage to a company’s reputation, lost market share, missed growth opportunities, decreased valuation, and losses stemming from increased cost of capital. That’s why we’re so committed to helping our clients prevent loss in the first place.”

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!