Summary

  • Report in collaboration with UK insurance market and top UK companies.
  • Report notes a significant gap in awareness around the use of insurance.
  • Less than 10% of UK companies have cyber insurance protection.

Original Author: Cabinet Office and Others
Original Links: https://www.gov.uk/government/news/cyber-security-insurance-new-steps-to-make-uk-world-centre

Content

Last year 81% of large UK businesses and 60% of small companies suffered a cyber security breach. A report published on 23 March by HM Government and Marsh, one of the UK’s leading insurance brokers and risk advisors, announces new joint initiatives between government and the insurance sector to help firms get to grips with cyber risk; to establish cyber insurance as part of firms’ cyber toolkits and cement London as the global centre for cyber risk management.

The report, ‘UK cyber security: the role of insurance in managing and mitigating the risk’, has been produced in collaboration with the UK’s insurance market and a number of top UK companies. It aims to make the UK a world centre for cyber security insurance. In particular, it highlights the exposure of firms to cyber attacks among their suppliers with a key agreement that participating insurers will include the government’s Cyber Essentials certification as part of their risk assessment for small and medium businesses.

Cyber threats are estimated to cost the UK economy billions of pounds each year with the cost of cyber attacks nearly doubling between 2013 and 2014. The report found that, while larger firms have taken some action to make themselves more cyber-secure, they face an escalating threat as they become more reliant on online distribution channels and as attackers grow more sophisticated. It issues a call to arms for insurers and insurance brokers to simplify and raise awareness of their cyber insurance offering and ensure that firms understand the extent of their coverage against cyber attack.

Companies are recommended to stop viewing cyber largely as an IT issue and focus on it as a key commercial risk affecting all parts of its operations. The product of collaboration between government and the sector following a summit held last November, the report recommends that firms examine the different forms of cyber attacks they face, to stress-test themselves against them and to put in place business-wide recovery plans.

The report also notes a significant gap in awareness around the use of insurance, with around half of firms interviewed being unaware that insurance was available for cyber risk. Other surveys suggest that despite the growing concern among UK companies about the threat of cyber attacks, less than 10% of UK companies have cyber insurance protection even though 52% of CEOs believe that their companies have some form of coverage in place.