Several events have contributed in particular to this, least threatening events such as NotPetya and regulatory developments such as the passing of the European Union’s GDPR, which has resulted in cyber insurance premiums growing nearly 25 times since 2015 alone.
One size does not fit all: a cyber risk insurance perspective
Most attacks on major healthcare network systems in recent years have involved payment, with a confirmed $22 million Bitcoin payment made by Change Healthcare’s parent company UnitedHealth Group (UHG) among the most recent examples. More importantly, prompt payment makes sense from the main point of view that affects the victim’s perception of risk during a disaster – that of the insurer.
If risk is an uncertainty that one can put a value on, insurance companies rely on data about threat behavior and risk potential to develop an actionable view of the likelihood of all risk categories. Car accidents, for example, lend themselves well to statistical modeling, given the decades of data from all parts of the developed world available for analysis. Cyber risk, in contrast, is less specific and suffers from a relative lack of available examples.
Source link