Serious wave of cybercrime ahead, experts warn

Serious wave of cybercrime ahead, experts warn | Insurance Business

Serious wave of cybercrime ahead, experts warn
The now infamous cyber-attacks against Target may be just the first in a series of oncoming data breaches, and producers who aren’t already stressing the importance of cyber insurance may want to start doing so soon.

According to Carnegie Mellon security researcher Nicolas Christin, nearly two dozen companies have experienced data hacks similar to the Target breach this year and many more will suffer a similar fate in the coming months.

“You’re going to see more and more people trying this,” Christin told the Wall Street Journal. “If you just saw your neighbor win the lottery, even if you weren’t interested in the lottery before, you may go out and buy a ticket.”

Christin points to the recent conviction of Alexsandr Andreevich Panin, who designed SpyEye malware, as an example of hacker demand for malicious software and potential for an increase in future events. Panin reportedly sold SpyEye for as little as $1,000 through online forums and an estimated 150 hackers took advantage of the deal.

The cost to businesses can be devastating. According to a Ponemon Institute report, cybercrime cost US companies an average of $11.5mn in 2012, up 26% from the previous year. Despite those startling figures, however, Verizon Business Solutions found that only 11% of businesses practice industry standard security measures.

Even more worrying to producers, nearly 40% of private businesses feel they are adequately insured against cyber liability without a separate policy. According to the results of a recent Chubb survey, a large majority of employers feel their CGL policy will pay out for damages suffered in a cyber breach.

“This is certainly not the case, as a CGL policy has many gaps as it relates to cyber risk and was not written to cover cyber events,” said Christine Marciano, president of Cyber Data-Risk Managers—an independent agency focused solely on providing clients with top-notch cyber insurance. “Several breaches within recent years have been battled out in court with insurers versus CGL policyholders.”

Marciano believes sectors like healthcare and energy are particularly at risk of cyber-attacks in the coming months, and producers should be especially focused on addressing clients in these areas.

“The attacks aren’t going to be one size fits all,” she said. “[Hackers] will increasingly customize those attacks, and target places that hold large amounts of sensitive data. Those will be the top targets for hackers.”