Cyber insurance can impede real security

Financial services industry is at risk of depending on insurance rather than knowledge in fight against attacks

The financial services industry is placing its trust in cyber insurance rather than companies ensuring their own security defences are up to scratch, it has been claimed.

The sector suffered 300 per cent more cyber attacks in 2014 than any other sector, according to research published by security firm WebSense in its 2015 industry drill-down report for financial services. It also found that certain malware families were observed up to 400 per cent more frequently in financial services than the norm.

However, the investigation also found evidence that companies operating in the area may be putting their faith in the relatively new field of cyber insurance rather than ensuring they are as secure as possible.

Carl Leonard, WebSense's principal security analyst, told IT Pro: "The focus really needs to be on making sure that you have the best [security posture] possible, so that you can work dynamically, embrace new technologies and work in a fast-paced environment, rather than simply focusing on cyber insurance.

"Insurance is not going to solve the underlying root problem of being able to understand what threats you are faced with and how best to mitigate those."

That is not to say that insurance should be abandoned altogether, though. Rathermore, it should be a part of the security patchwork.

Indeed, according to Leonard, if a company takes the approach of being as prepared as possible, they may also come off better if there is a breach both in terms of being more prepared in the face of future, similar attacks and filing an insurance claim.

"It might be that when we go into the cyber insurance details that they want some sort of proof that a business has taken the necessary steps for their payout to be valid," Leonard said.

"We can draw parallels with other industries, and we have seen that claims in the healthcare sector are already being disputed, so I think we're going to get to the point where it's up to businesses to show that they have necessary steps to show they have done all they can to mitigate risk," he concluded

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Apple patches zero-day flaw abused by infamous NSO exploit
exploits

Apple patches zero-day flaw abused by infamous NSO exploit

14 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks
Security

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021