A growing number of companies in the UK have taken out specialist cyber security insurance in the last year to protect them in the event of an attack, but many of these policies may not actually provide them with the comprehensive coverage they need.
This is the warning of a new study conducted by Ovum and FICO, which found that the number of firms in the UK without any form of cyber insurance coverage dropped to just ten per cent in 2018, compared with almost a third (31 per cent) last year.
However, while this is significantly better than the global average – the overall figure for the 11 countries examined in the study found almost a quarter of companies (24 per cent) have no protection – the majority of British businesses still have gaps in their coverage.
Less than four out of ten UK firms (38 per cent) reported that their cyber security insurance offers full protection from all risks. The majority of firms stated that their premiums have been calculated based on industry averages or other unknown factors, rather than an accurate analysis of their individual risk profile.
This could leave them exposed to significant financial risk if they fall victim to an attack that falls outside the limitations of their policy.
Steve Hadaway, FICO general manager for Europe, the Middle East and Africa, noted that cyber security insurance has become a "must have" for British business in a very short period of time. However, with this comes more pressure on providers to ensure they are fair and transparent in how their premiums are set, and reflects the increased efforts firms are making to secure their networks.
"Businesses will demand that their investments in cybersecurity protection – and the strength of their cybersecurity posture – drive their premiums down," he continued.
Maxine Holt, research director at Ovum, said that with less than 40 per cent of businesses having comprehensive insurance, it's clear there is some way to go before firms have a full understanding of their security posture and how to present it for insurance.
However she added: "We should not detract from the positive news here; 90 per cent of UK organisations have elevated the importance of cybersecurity to a level that requires insuring, even if only partially."
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.