A recent survey by analytics firm FICO found that while the number of US firms with cyber insurance has shot up in the past year, less than a third have full coverage cyber policies.
The annual cybersecurity survey was conducted by research and consultancy firm Ovum through telephone interviews. Five hundred (500) senior executives took part – mostly from IT departments – in businesses from the US, the UK, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa. The respondents represented firms in various industries: financial services, telecommunications, retail and ecommerce, and power and utilities.
FICO found that the number of US firms reporting that they have no cybersecurity insurance dropped, from 50% in 2017 to 24% in 2018. However, the same report found that only 32% of US firms said their cybersecurity insurance covers all risks.
“It’s is great to see that progress is being made but still surprising, that nearly a quarter of US firms surveyed have no cybersecurity insurance coverage,” commented FICO vice president for cybersecurity solutions Doug Clare.
Clare believes the increase in cybersecurity insurance coverage numbers is due to the rise in publicized data breaches.
“Given the number of large-scale and very public breaches in recent years, it’s not surprising that we’ve seen a big increase in US organizations investing in it over the past 12 months, but there’s still some way to go,” he explained. “As the insurance market matures and the litigation and fines increase we expect more firms will also go beyond basic coverage to seek insurance that is more comprehensive.”
Despite the promising increase in overall insurance coverage, some industries continue to lag behind in adoption. The survey found that 70% of US healthcare firms said that they had no cybersecurity insurance – compared to 10% of financial services firms saying they had no cyber coverage.