New findings by Zurich North America and Advisen Ltd. show that the number of corporate risk managers who have purchased some form of cybersecurity insurance coverage has more than doubled since 2011. The need for such coverage has increased since the coronavirus pandemic began and many more employees started working from home.
- Seventy-eight percent of corporate risk managers have purchased some type of cyber insurance coverage, up from just 34% in 2011.
- As more employees work from home because of the pandemic, risk managers see increased potential for ransomware and business interruptions.
- Other major risks that companies are looking to insure against include funds transfer fraud, system failure, and reputational harm.
Working From Home Has Increased the Risks
More than four in 10 people in the labor force are now working from home full-time, according to nationwide surveys conducted by Stanford University. While the new work arrangement is good for fighting a pandemic, corporate risk managers see the potential for more cybersecurity risks.
Top concerns in the Zurich North America and Advisen study included employees unintentionally infecting the company’s network with malware or giving sensitive information to a third party.
Other cyber hazards that risk managers are interested in insuring against, according to the study, include:
- Bricking (when a cyberattack renders a device unusable) – 72%
- Contingent business interruption – 72%
- System failure – 70%
- Funds transfer fraud – 66%
- Social engineering – 66%
- Internet media liability – 63%
- Reputational harm – 60%
Of the firms that have cyber insurance, 55% purchased coverage in the form of a standalone policy, while 13% got it as part of a professional liability or other type of policy.
Price Is an Obstacle for Some Companies
The study found that 12% of risk managers do not have cyber insurance and aren’t in the process of buying it. The primary reasons given by the respondents were the price of coverage and a lack of buy-in from executives and IT professionals in the organization.
That said, the results of the study made it clear that most organizations no longer view cyber coverage as an extravagance but as necessity.
The study included organizations across a number of sectors, including finance, banking, insurance, manufacturing, healthcare, technology, education, and nonprofits.