Hacktivism – the act of hacking into a computer system for a politically or socially-motivated reason – just might be the next cyber risk every local government will be purchasing insurance for.
Officials of Lancaster County, Nebraska, and the city of Lincoln have recently convened to discuss the threat of hacktivism and have considered insurance as a way to protect themselves from the costs of a cause-driven data breach.
Celebrate excellence in insurance. Join us at the Insurance Business Awards in Chicago.
According to the Lincoln Journal Star, Lancaster County commissioners had recently agreed to purchase a $2 million, one-year cyber insurance policy for roughly $25,600.
Lancaster County had considered cyber coverage in the past, but found that some products had too many insurance exclusions.
“[It] didn’t match what we needed,” said county risk manager Sue Eckley.
Meanwhile, the city of Lincoln had purchased a $3 million, 16-month cyber insurance policy that started May 01 for about $33,000.
Although Lincoln has insured itself against cyberattacks since 2015, it chose this year to purchase an insurance policy for cyber liability exposure, said city risk manager Bill Kostner.
“We have been fortunate,” said Kostner, pointing out that the city has not had a major breach.
He, however, thinks that it is still safer to have the protection at hand.
“We don’t want to be held hostage,” he explained.
County commissioners have expressed that they plan to coordinate with Lincoln staff about purchasing a joint policy in the future, as both governments share an information technology department.
Lancaster County Board chairman Todd Wiltgen discussed during recent board meetings that hacktivists are more often than not motivated by revenge, which makes the data breaches they inflict even more dangerous. Hacktivists will attack a computer system to punish a municipality or a county, Wiltgen explained.
“It’s not a matter of if local government will be hacked, but when,” he warned.
: Today’s control may not be adequate for tomorrow’s threats
Burns & Wilcox announces new cyber extortion product