47% of Organizations Have Cyber Insurance, Up From 34% in 2017: Study (zdnet.com) 28
Cyberattacks are now considered by most execs to be the top business concern, far outranking economic uncertainty, brand damage, and regulation, according to a survey by insurance consultancy Marsh and tech giant Microsoft. From a report: The global survey of over 1,500 business leaders illustrates the rapid change in business leaders' perceived risks to their organizations and shows that having a cyber insurance policy is now more common than two years ago. In 2017, Marsh and Microsoft found that 62% of respondents saw cyberattacks as a top-five risk, whereas this year 79% do. The share of respondents who see cyber attacks as the number one risk has also risen from 6% to 22% over two years. This year, the second most widely considered top-five risk is economic uncertainty, followed by brand damage, regulation, and loss of key personnel. [...] According to Marsh and Microsoft's survey, 47% of organizations have cyber insurance [PDF], up from 34% in 2017. Additionally, 57% of large firms with annual revenues of over $1bn report having cyber insurance compared with 36% of organizations with revenues below $100m. Nearly all respondents, totaling 89%, are confident their cyber insurance policy would cover the cost of a cyber event.
Re: (Score:2)
"Never trust a fart"
Also, always carry a spare pair of boxers in your EDC ;)
You will reek anyway, sooner or later. (Score:1)
Later only means the reeking already spreading even before you start running. So a bigger total amount of smell. So more shame.
I suggest you just dash to the toilet so fast nobody can see your dirty ass. And excuse it with a big fart and having eaten some really bad food that is not your fault.
Bonus points for saying it was place that people already assume is nasty, but will go there anyway.
And next time, don't be such a pussy, and act quickly. You can always think of reasonable excuses later!
Everybody will
F_CK YES (Score:2)
Please please please make this insurance a requirement so that I can go about my business in the same way that doctors and auto insurance does. Dude, can you IMAGINE what it'd be like to be an "IT guy" but where people HAD to pay you through an insurance program that sets the prices 10 times what they are now?
I'm sure the insurance companies aren't involved (Score:1)
Re: (Score:2)
These numbers are the kind of thing that would make a cynical person start to ask if the companies offering cyber insurance have contributed to the increase in cyber crime. From a pure profit perspective how could they ignore the opportunities that would arise from perhaps hiring black hats to increase their attacks? Not that I'm a cynical person at all...
Same conspiracy notion that Norton Antivirus was the actual source of new viruses back in the '90s.
Why hire black hats? That would be risky. Hire grey hats who don't give a flying shit about black or white.
But I doubt that high profile companies are going to employ tactics that can ruin their business and send them to jail. Disgruntled workers and all ...
Re: (Score:1)
Factually, their hires come from the dark hat scen (Score:1)
Which makes sense... both ways.
So it's not unrealistic at all.
Of course the most profitable company would focus on the kind of hacks that don't involve them actually paying, but involves people thinking they do.
So we have a hypotesis for measuring likeliness of them doing it themselves: ... VS the amount they had to pay out.
The total amount of damage of hacks of clients of an insurer
Next step: Make sure to exclude other reasons.
Re: (Score:1)
Of course they do. (Score:1)
* To get the premiums up and rebates for good behavior down.
* To upsell them.
* To keep them from ending an unnecessary money sink in the face of their own competition.
In face, you can either do it, or lose to your competition that does, get bought, and be made to do it anyway. Your choice.
Isn't the "free" market great?
s/In face/In fact/ (Score:1)
I'm too tired. Sorry.
We have it... (Score:2)
My workplace decided to opt for it. It's not terribly expensive and we have a $1MM policy that doesn't mandate we jump through a bunch of IT infrastructure requirements hoops. Although for larger companies that $1MM could be eaten up quickly.
For example, say you have a data breach where only customer identifying details like mailing address, phone number, and e-mail address are compromised. You'd still likely be required to purchase a year's worth of identity monitoring for all customers. Say that's $100/ye
Bad feedback loop. (Score:2)
This isn't really a good thing because it tells every criminal that ransomware WILL be highly profitable. This strategy may backfire as business specific ransomware may begin demanding significantly more money as they know the insurer will be forced to pay. The only way this could be any good is if there are strict security requirements in order for the businesses to be covered.
UL listed, fire code (Score:2)
Have you ever noticed the "UL Listed" or "UL Registered" marks on electrical products. Major retailers won't carry products that don't meet UL fire and safety standards, it's pretty much required in order to sell any product outside of eBay and Amazon fakes.
UL stands for Underwriters Laboratories. Underwriters as in insurance companies. Yep, that's an insurance company mark. By setting standards, the insurance company established standards for fire safety and electrical safety that virtually every manuf
Downside of cyber insurances (Score:1)
There is one serious problem with growing popularity of cyber insurances. Usually, cyber-insurance companies encourage their ransomware victims to pay for decryption keys, because it is the cheapest option for them (at least, in the short-term). However, that makes file-locking malware attacks much worse in the long run.
https://www.zdnet.com/article/... [zdnet.com]
Ah, insurance (Score:2)
Ah, insurance. The unexpected final doom of Microsoft! Insurers will require Linux in order to get the lowest rates. Even stupid people can understand that.
Re: (Score:2)
Even stupid people can understand that.
I see you understand that.
[Apologizes. Low hanging fruit and all ...]
Too bad replies are a tree without loops. (Score:1)
Because your comment could have your comment as its reply, and it would fit perfectly.
Good luck collecting... (Score:2)
Re: (Score:3)
Going by something like CIS 6 gives firms a standard that has to be followed and insurance investigators can verify that they are being followed.
Re: (Score:2)
Cyber (yber cyb3r cyBer cybercyber cyber. (Score:1)
An word that stopped being cool at the beginning of the 2000s; is a clear sign of people who print out their e-mails; and can be removed wherever it occurs, without changing the meaning in the slightest.
_ _ _ _
(Subject altered to circumvent:
Lameness filter encountered.
Your comment violated the "postersubj" compression filter. Try less whitespace and/or less repetition in the subject line.)
s/An word/A word/ (Score:1)
*bangs head on table*
Please ignore the typo.