Cyber insurance can impede real security

Financial services industry is at risk of depending on insurance rather than knowledge in fight against attacks

The financial services industry is placing its trust in cyber insurance rather than companies ensuring their own security defences are up to scratch, it has been claimed.

The sector suffered 300 per cent more cyber attacks in 2014 than any other sector, according to research published by security firm WebSense in its 2015 industry drill-down report for financial services. It also found that certain malware families were observed up to 400 per cent more frequently in financial services than the norm.

Advertisement - Article continues below

However, the investigation also found evidence that companies operating in the area may be putting their faith in the relatively new field of cyber insurance rather than ensuring they are as secure as possible.

Carl Leonard, WebSense's principal security analyst, told IT Pro: "The focus really needs to be on making sure that you have the best [security posture] possible, so that you can work dynamically, embrace new technologies and work in a fast-paced environment, rather than simply focusing on cyber insurance.

"Insurance is not going to solve the underlying root problem of being able to understand what threats you are faced with and how best to mitigate those."

That is not to say that insurance should be abandoned altogether, though. Rathermore, it should be a part of the security patchwork.

Advertisement
Advertisement - Article continues below

Indeed, according to Leonard, if a company takes the approach of being as prepared as possible, they may also come off better if there is a breach both in terms of being more prepared in the face of future, similar attacks and filing an insurance claim.

Advertisement - Article continues below

"It might be that when we go into the cyber insurance details that they want some sort of proof that a business has taken the necessary steps for their payout to be valid," Leonard said.

"We can draw parallels with other industries, and we have seen that claims in the healthcare sector are already being disputed, so I think we're going to get to the point where it's up to businesses to show that they have necessary steps to show they have done all they can to mitigate risk," he concluded

Featured Resources

Key considerations for implementing secure telework at scale

Identifying the security risks and advanced requirements of a remote workforce

Download now

The State of Salesforce 2020

Your guide to getting the most from Salesforce

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Rethink your cybersecurity strategy for the new world

5 steps to secure the enterprise and be fit for a flexible future

Download now
Advertisement

Recommended

Andrew Daniels joins Druva as CIO and CISO
Cloud

Andrew Daniels joins Druva as CIO and CISO

22 Jul 2020
University of California gets fleeced by hackers for $1.14 million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Australia announces $1.35 billion investment in cyber security
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
CSA and ISSA form cyber security partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
UN report points to a 350% rise in phishing websites at start of 2020
phishing

UN report points to a 350% rise in phishing websites at start of 2020

7 Aug 2020