Cybersecurity insurance is designed to alleviate losses from various cyber incidents, including data breaches, damage to networks, and any interruptions to business operations. But while billion-dollar companies are all in desperate need of cybersecurity insurance and can afford to spend millions without thinking twice, cybersecurity insurance only transfers some of the risk of a breach to the insurer. It does not cover lost data, reputation damage or lost business.
The major issue facing insurers today remains insurance underwriting to quantify cyber risk. In 2015, the National Association of Insurance Commissioners (NAIC) adopted guiding principles for insurers underwriting cyber risk, but there is still no standard or valuation approach on which the insurance industry, as a whole, underwrites cyber liability coverage.
Senthil Rajamanickam, who is the FSI Strategy and Operations Manager at Infogix, discusses the issues in the cyberinsurance space.