Why Cyber Insurance Is Emerging As Mandatory Cybersecurity Tool In Today's Age

Cyber insurance is a tool that alleviates the financial risks of companies in the occurrence of any data breach, ransomware attack, investigations, lawsuits and even extortion payments. EvaaSaiwal, Practice Leader Liability & Financial Risk, Policybazaar.com, recently spoke with the editor of siliconindia about the significance of Cyber Insurance in today’s businesses.

How Cybersecurity is a top priority for most of the businesses today?

In today's fast-paced digital world, cybersecurity is a priority for most businesses as well as individuals. This is true across the world, including in India. Government data indicates that over 6.7 lakh cybersecurity incidents were reported in India till June 2022 alone. This translates to around 3,600 incidents every day, or four to five such incidents every two minutes.

It, therefore, comes as no surprise that the authorities have acknowledged the importance of protection of digital data. The recent release of the draft Digital Personal Data Protection Bill 2022 validates this fact. The bill focuses on measures aimed at protecting digital personal data, seeks to allow transfer of data outside India, and provides for hefty penalties regarding data breaches and inability to contain such breaches.

However, with the rising number of data breaches, it’s important to understand that how not just individuals but companies too need to protect themselves from these cyber-attacks.The one such tool that effectively shields enterprises and helps them mitigate cyber risks is Cyber insurance.

With thousands of ransomware attacks being reported every day, while cybersecurity threats are easier to spot, it is equally possible to miss just one of them. One such miss can lead to loss of data worth millions, and perhaps can even have direct financial implications on the company. Cyber insurance can help protect against these types of attacks by paying claims on behalf of or to your company, in an event in which its data is hacked by a malicious attacker, or if your business suffers from a breach.

What is Cyber Insurance?
It is essentially an insurance plan that mitigates thefinancial risk exposure to a business or individual by ensuring that they are covered not only against the costs related to damages and recovery after a data breach, ransomware attack, or another cybersecurity incident, also against costs of investigations, lawsuits, compliance regulatory fines, forensic costs, and even extortion payments.

Cyber insurance is finding growing popularity in India with corporates choosing to insure themselves against cyber risks. It provides peace of mind, which can be difficult to come by when dealing with the threat of computer attacks.

The price tag on cyber security has been rising steadily over the last few years as threats continue to evolve at an alarming rate. As such, businesses are looking for ways to reduce their exposure and keep their data safe from hackers, who are on the lookout for sensitive information from companies that don’t have robust security measures in place.

Why Cyber Insurance is Critical?

The need to have a cybersecurity policy is critical as those who do not deploy one may face monetary losses and other legal repercussions. As cyber crimes continue to grow in frequency, it's important that organisations have a clear definition of what constitutes a breach. In addition, regular updates are required for the policy itself to protect against new threats that emerge over time.

This is where the need for cyber insurance comes into play: if you don't have an updated policy in place and you're a victim of a cybercrime, then your company could be liable for damages or fines from regulators or law enforcement agencies investigating those breaches. For example, if one of the employees takes confidential information home with them on their laptop, this could lead to an investigation by authorities who may fine both parties involved—and even prosecute them criminally.
The best way around this problem is having proper cybersecurity practices along with a cyber insurance policy in place so not only such breaches can be prevented before they happen, but there is also a mechanism in place to mitigate damage after they occur.

What is covered?
There are two main types of cyber insurance coverage — third-party liability cover and first-party cover. The first-party cover protects a company when it incurs expenses from a data breach or when its data is hacked. On the other hand, third-party cover provides protection when a customer, vendor, partner, or any other third party sues the company for allowing a data breach to occur. A comprehensive cyber insurance plan should offer both these coverages to help mitigate the costs of data breaches.

With data breaches becoming more frequent, insurance companies are taking this into account when calculating premiums. If a company’s data has been breached, it will be costly to repair the damage caused by it. So the security protocols implemented to protect data often play a role in how much the insurance would cost.

In a nutshell
Over the last few years, insurance companies have launched Cyber insurance as a  product to cater to the growing needs of cyberattacks in digital space. These products offer coverage for damages caused by cyber-related incidents and acts as a safeguard against data breaches. This kind of insurance is becoming mandatory for certain industries and for those who want to stay safe from potential financial losses as well as legal repercussions following such attacks.