Taking out house contents insurance is something most of us do without a second thought, despite the fact we lock our doors and take other precautions to protect our valuable possessions. Most of mine are of more value to me than anyone else I might add, but that's not to say that each year I still consider their worth when I renew my policy. Indeed each renewal re-affirms my commitment to do my bit when it comes to keeping them secure.
That said we now live in a world where an increasing number of our possessions reside on a hard disk or more than likely somewhere in the cloud. Most policies will cover the physical replacement of a laptop, however that's as far as it goes. Whether or not it was appropriately backed up is another matter! The reality is that when it comes to data, it is really the consequential loss that matters and that is never going to be covered by a traditional contents policy.
So with that in mind it is worth considering the fact that mainstream cyber insurance is very much in its infancy. As things stand, most organisations seem to satisfy themselves with technology, the locks & keys so to speak, assuming that this will do the job. But as we know insurance is there for when the stuff we rely on to mitigate most the risk lets us down. And as we have come to realise cyber security technology is a darn sight more challenging to manage than the humble lock & key. For many businesses its really a case of hoping, rather than trusting that our defences will not let us down. What's more we are not even considering the residual risk that comes with our defences being circumvented!
Whichever way you look at it, GDPR is placing the protection of personal data very much on the agenda and in so doing likely to encourage us to all take a long hard look at the way we are doing things today. Noticing ones own failings will be critical, having someone notice them before you do could be disastrous. Either way the cost of a security incident will be drawn into sharp focus and the need to be adequately cyber insured apparent.
Cyber security will improve considerably in the UK as a result of the government’s new National Cyber Security Strategy and the EU’s General Data Protection Regulation (GDPR). The GDPR is expected to increase the number of companies that hold cover, due to the requirement to report data breaches and investigate and deal with issues with undue delay. Insurance will help by providing financial support to do this, and may additionally give access to extra technical support from experts called out to help with a claim. Businesses will also have more accountability and conditions to comply with, making them more liable under the new regulation. The additional risk this creates means businesses are more likely to seek cover, which will grow the market.