A growing number of businesses are looking to protect themselves against the risk of data breaches and other security problems by purchasing specialist insurance, a new study has shown.
Research conducted by Veracode and the New York Stock Exchange revealed that the majority of public companies in the US have some form of cyber security insurance, Dark Reading reports.
Of these, 91 per cent of policies include protection for business interruption and data recovery expenses. Meanwhile, 54 per cent have coverage that can reimburse them for fees such as PCI fines, breach notifications and extortion, while 35 per cent of respondents say they want protection against software coding and human errors that lead to data loss.
Chris Wysopal, co-founder and chief technology officer at Veracode, said such precautions are becoming the norm in an environment where costs for rebuilding after an incident are growing. He noted that as interest in this area grows, it will be up to the cyber insurance industry to define standards and best practices for what firms can expect to be covered.
“I was surprised that 35 per cent already are [seeking] insurance for coding and human errors,” he said. “That number will increase when there’s standardisation around what that means.”
The research also found that nine out of ten executives agree that regulators should hold companies responsible for breaches if they have failed to secure their data adequately.
However, many respondents also agreed that third parties should also bear their share of responsibility in the event of a security incident. Some 90 per cent of companies say software vendors should be held liable for vulnerabilities found in their software, and 65 per cent have either already or are planning to include liability clauses in their contracts with their software suppliers.
More than half of executives at public companies expect their shareholders will demand more transparency surrounding cyber security in the coming years, with Mr Wysopal noting that boards are increasingly concerned about the brand damage that can result from a breach.
R3 Data Recovery is an excellent emergency data recovery service that I would have no hesitation in recommending to anyone.
From the initial telephone conversation I had with them I was extremely impressed by their implicit understanding and sensitive handling of my stress and panic, believing I had possibly lost 10 year’s worth of invaluable documentation, imagery and archiving from my highly respected research held on a USB stick.
They worked efficiently and conscientiously to retrieve data urgently for me and made provision for me to receive it and all in time for an important PP presentation, the success of which was crucial to my career.
They were mindful in keeping me informed of their progress with the recovery process, hence putting my mind at rest, and they accomplished this all within a working day/evening. They worked hard and consistently until the job was completed successfully and made themselves available for me to talk to during out-of-work hours. They transferred all the remaining data that was not urgent onto a USB stick and returned it in the post to me, thus very satisfactorily completing an exemplary and outstanding service.
Adrian Howells (Performance Artist and Honorary Research Fellow ) - University of Glasgow
R3 Data Recovery is rated (4.6) by 294 customer reviews on Reviews.co.uk