Hacking is the process of exploiting vulnerabilities to gain unauthorized access to systems or resources. Hackers steal confidential data like income details, credit card details and social security numbers for identity fraud or theft. Hackers, in most of the cases target the organizations that stores the above mentioned details of various individuals. In some cases hackers do look for passwords to access confidential online transactions. The most recent and high profile hacking involves accessing the confidential records of millions of customers of Anthem Inc., which is the second largest health insurer in the U.S. Even technology companies such as Microsoft, Apple and Facebook have been the victims of hackers and one of the recent & largest known attacks was against Sony.
In a survey of 800 members that happened last year, the National Small Business Association reported that almost half had experienced security breaches from external sources, with nearly 60 percent of those incidents resulting in business interruption. The average recovery cost of the attacks approached to $8,700.
Insurance companies have come up with products that provide coverage against the theft money or the loss incurred due to the unauthorized use of a computer. Hack Insurance covers the financial loss incurred due to the loss of confidential information regardless of how it might be lost or stolen. The coverage typically covers both first-party and third-party losses suffered. This can be explained in two parts: Firstly, it covers the liability arising from the loss, like the lawsuits filed by individual victims or from businesses who incurred losses because of the hackers attack. Secondly, it covers the organization’s own costs to intimate and calculate the credit of the victims, perform investigation and handle the public relations campaign.
Analysts predict that the total annual premiums of hack insurance products is expected to grow to billions of dollars by the end of year 2020.
Some tailor made business owner insurance policies pay computer security losses under act-of-vandalism or loss-of-business clauses, but there are few policies available in the market specifically to cover the loss due to attack from hackers. Such policies for large organizations ideally carries yearly premiums that range from $100,000 to $3 million.
Insurance companies have to be more innovative in the risk measurement part as currently there are no effective risk measuring techniques available.