Cyber Insurance : Why do you need it? – By Kartik Ravindran

Edited By – Adya Mishra


We are living in a world surrounded by Internet. Internet has certainly made human life very smooth due to technologies like IOT, Cloud Computing etc. but on the flip side the risks involved are also huge.

Cyber Security and information protection is a big challenge for companies in today’s world. The amount of data breaches happening every year is an alarming sign for companies and it also gives an indication that the companies should go for Cyber Insurance in order to protect the assets and image of the company.

Let’s look at the few eyeing catching statistics.

  • From 2005 till July, 2016: There have been a total of6,333 reported data breaches,
    involving 864,236,208 compromised records!
  • The averagecost of a data breach in 2013 in the United States was $158 per breached record.
  • In the United States,the average cost of cybercrime amounted to 42 million U.S. dollars in 2015.
  • Only 3.8 percent of companies with revenues lower than 2.5 million U.S. dollars owned cyber insurance. Among companies with revenues exceeding five billion U.S. dollars, this number was equal to 25.9 percent.



The companies are subjected to a variety of risks because of the infrastructure, services offered on computer. The companies face threats in the form of denial of service attacks, phishing, spamming, ransomware attacks, eavesdropping etc.  In order to overcome the risks associated with these threats small or medium size companies opt for simple solutions like updating antivirus, updating firewalls, anti-spam software and other add-ons.

In spite of improvements in risk protection techniques it is difficult to implement a perfect cyber security protection. Some of the reasons are mentioned below.

  • Lack of sound technical solutions.
  • It is difficult to implement a proper solution because the attacker usually finds different ways to attack a system.
  • Difficulty to measure risks resulting in challenges to designing pertinent risk removal solutions.
  • Misaligned incentives between network users, security product vendors, and regulatory authorities regarding protecting the network.

Since many mid-size companies cannot opt for expensive risk management techniques, they usually opt for Cyber Insurance. Cyber Insurance is a risk management technique in which the risk is transferred to an insurance company in return for a fee i.e. risk premium.


Organizations are still skeptical in opting for Cyber Insurance because of the costs and complications that is involved in Cyber Insurance but the truth is Cyber Insurance is very much affordable and not that complicated as people think. Here are the main reasons for organizations to opt for Cyber Insurance.

  • Computer is used in your business – If your business is relying on computer and internet then it is important to opt for Cyber Insurance because there might be an incident in the future that your computer gets hacked and all your private information is exposed to the outside world. Due to this you will suffer huge losses and may even lose out on your business.
  • Not having a Risk Management Team – Unlike bigger organizations most of the mid-size companies don’t have a risk management team. Risk Management team craft policies and action plans in order to counter attack different risks. A good Cyber Insurance policy helps those organizations to overcome the risks which do not have the luxury of a risk management team.
  • A general policy may not cover Cyber Crime – Some organizations opt for general policy but the main drawback of General policy is that it doesn’t cover the losses incurred due to internet. It only covers losses occurred due to physical damage, since electronic data doesn’t come under physical property and since it cannot be physically damaged the general policy fail to recover those damages which in turn is a big loss to the organization. Cyber Insurance policy covers the first party as well as third party losses, breaches to the Privacy Act and loss of profits following the insured event.
  • You are responsible for the data even if you don’t host it – Organizations these days use cloud in order to store information. If a user has information in cloud database then he or she is legally responsible in handling the data. It is very much important to read the cloud hosting contracts, if your provider says that they are not responsible for mistakes or breaches to the organizations data then at least the organization is safe if it has opted for Cyber Insurance policy.
  • It is affordable – Cyber Insurance is not expensive as people think. With the right insurer, you can secure affordable cover that is also comprehensive.

As attackers are becoming smarter day by day the systems are becoming more vulnerable which means the attackers are always finding new ways to attack the system. Due to this the Cyber Insurance has become a necessary parameter in today’s IT world. “If you are not correctly insured then be ready to either shell out millions or shut down your business.”