Information Security and the role of cyber insurance


One of the latest trends in the information security marketplace is cyber insurance. Numerous companies are now offering policies and cover for a variety of different kinds of cyber incident, especially about managing the fallout from data breaches and any legal costs or fines they may need to pay once the breach goes public. But the reality of what cyber insurance can do for us is somewhat limited by what the insurance company knows about the risk, which is why it’s only possible to get cover for tangible costs rather than intangibles.

What’s Important to your Business?

Customer data and credit card data breaches are in the headlines every week, so the layman should be forgiven if they forgot that cybercrime was so much more multifaceted. In the middle of December, German steel conglomerate, ThyssenKrupp AG, provided a stark reminder that so much more is at stake than PII and CVVs and the clean-up after a cyber incident.

ThyssenKrupp, worth around $14 billion (USD), disclosed that they had, ‘become the target of a massive cyber attack,” in April 2016. When their internal computer emergency response team (CERT) discovered intruders on their network, evidence suggested the unknown threat actors had been pilfering intellectual property (IP) from their systems for at least two months. ThyssenKrupp’s announcement suggested the attackers originated from somewhere in southeast Asia and that the stolen IP belonged to several of its global businesses.

Identifying and Managing Cyber Risk.

It pays to remember that cybersecurity teams must have the people, processes and technology to tackle cybercrime from all aspects of the risk profile. Each of the top-level risk categories need to be assessed, considered and managed to make sure that you’ve tried to protect what’s most important to your organisation. Risks fall into several of these top-level categories, such as the loss of trade secrets (IP), financial loss, loss of reputation or credibility and the loss of life. Clearly, we’ll see individual risks on each of these categories, depending on the means of the attackers, coupled with their motivation and intent….Click HERE to read full article.