Tripwire: More Executives Turn to Cyber Risk Transfer
As cyber threats grow in scope and potential impact, the complexity of enterprise digital data protection grows to astonishing proportions. Last year, a Fortune 500 survey revealed that cyber security is the second biggest concern for CEOs, who keep looking for new solutions to keep their data safe and their clients happy.
The enterprise data is worth more than gold, so it is unsurprising that the issue of cyber security grows in importance. This particularly gains in weight as clients and customers increasingly expect companies to show a proof of compliance and demonstrate that they have cyber risk strategy in plan.
As one of the strategies to mitigate potential risks and comply with cyber security standards, risk transfer is a strategic decision that more and more enterprises are making.
CYBER INSURANCE MARKET GROWTH
Although cyber insurance is not an entirely new notion, its importance grew parallel to the rise of cyber crime. With hacking attempts becoming more sophisticated and more frequently targeted at enterprises, a larger number of executives start taking cyber risk transfer into consideration.
Correspondingly, this market has skyrocketed in the last few years with the number of carriers reaching 25 and providing up to $300M in limits.
Furthermore, the Advisen report from October 2015 reports that 60 percent of respondents are buying cyber risk insurance, which is a considerable figure compared to 2011, when this form of risk was relatively new. Evidently, risk transfer is becoming a more popular strategy for mitigating cyber risks, which trigger the rise of companies called cyber captives.
Providing services ranging from security and privacy liability, data recovery and cyber extortion, these companies offer a new set of options for a modern enterprise.
However, prior to taking this step, CIOs need to evaluate the usefulness of this strategy and find the best way to implement it.
CYBER RISK MANAGEMENT
To be able to understand the extent to which they are exposed to cyber risks, enterprises need to carry out a proper assessment of the key systems. Only after getting the right insight into the actual state of cyber risk exposure, managers can make the right decisions concerning risk management and transfer.
In relation to this, Managing Director Cyber Security and Privacy at Protivity, Michael Porier suggests a set of steps to be taken in order to create an actual strategy. In one of his presentations, he outlines a full cyber security framework consisting of the following steps:
- Cyber assessment – evaluating the actual level of risk;
- Cyber risk mitigation – implementing the cyber security strategy;
- Cyber Insurance, risk transfer – deciding on the proper risk transfer option suitable to the particular company.
The full process involving these steps comes down to planning and executing the following…
Read the full article on Tripwire.