A growing number of businesses are looking to protect themselves against the risk of data breaches and other security problems by purchasing specialist insurance, a new study has shown.
Research conducted by Veracode and the New York Stock Exchange revealed that the majority of public companies in the US have some form of cyber security insurance, Dark Reading reports.
Of these, 91 per cent of policies include protection for business interruption and data recovery expenses. Meanwhile, 54 per cent have coverage that can reimburse them for fees such as PCI fines, breach notifications and extortion, while 35 per cent of respondents say they want protection against software coding and human errors that lead to data loss.
Chris Wysopal, co-founder and chief technology officer at Veracode, said such precautions are becoming the norm in an environment where costs for rebuilding after an incident are growing. He noted that as interest in this area grows, it will be up to the cyber insurance industry to define standards and best practices for what firms can expect to be covered.
“I was surprised that 35 per cent already are [seeking] insurance for coding and human errors,” he said. “That number will increase when there’s standardisation around what that means.”
The research also found that nine out of ten executives agree that regulators should hold companies responsible for breaches if they have failed to secure their data adequately.
However, many respondents also agreed that third parties should also bear their share of responsibility in the event of a security incident. Some 90 per cent of companies say software vendors should be held liable for vulnerabilities found in their software, and 65 per cent have either already or are planning to include liability clauses in their contracts with their software suppliers.
More than half of executives at public companies expect their shareholders will demand more transparency surrounding cyber security in the coming years, with Mr Wysopal noting that boards are increasingly concerned about the brand damage that can result from a breach.
One of our main RAID Servers went down. We needed the data urgent. R3 organised a courier, within 1 hour it was collected and soon back with them. They worked throughout the night, keeping me consistently up to date. The whole issue was resolved within 24 hours, ensuring we were back up and running. I cannot thank and Praise these guys enough!!
Aaron Roach - Andrew Wommack Ministries - Europe
R3 Data Recovery is rated (4.6) by 294 customer reviews on Reviews.co.uk