Gerrit Mets, Vanbreda cyber expert: “2016 was the breakthrough year for cyber insurance. While only a dozen or so Belgian firms insured themselves against cyber risks in 2014 and 2015, in 2016 this suddenly grew to several hundred.”
Small companies as well as larger firms are taking out policies and these companies hail from every sector imaginable, according to Jan Van Hecke, cyber expert and Deputy Director of Vanbreda. “This includes not only financial institutions, hospitals and retailers but also production companies, building companies, transport firms, notaries and legal offices and even sheltered workshops. This ‘broadening’ of companies that want to protect themselves against cyber crime is understandable. Each of these firms heavily depends on its IT system. If it no longer functions as a result of a cyber attack, activity will come to a standstill and enormous financial claims will ensue.
The fact that more and more cyber cases are being reported is, according to Gerrit Mets, the number one reason why we are seeing such a rise cyber insurance policies. “These days, hackers are professionally organised gangs. We are aware of groups that even have their own call centre where they offer a form of Hacking on demand. These cases are being reported on the news more often causing a rise in company awareness. And companies themselves are also increasingly discovering that they are not immune to cyber crime. Today, firewalls are being bombarded by viruses and phishing mails. We are noticing that the companies themselves are contacting us more often now because they have come to realise that the financial impact of cyber crime is not sufficiently covered in their current insurance package.
The implementation of the new European data directive (GDPR) also plays a role in the increase of the number of cyber policies. Gerrit Mets: “This new legislation, that will go into effect at the start of 2018, imposes high standards for private data handling. Companies only have one year left to get organised in order to comply with this legislation. Violations of these standards will be met with stiff penalties of up to 4% of total annual turnover. A cyber insurance policy provides coverage and compliance. That is why we expect that the number of companies taking out cyber insurance will only rise during 2017.”
According to Jan Van Hecke, the insurance market is prepared to deal with cyber risks. More than prepared: right now it is attractive for companies to take out such a policy. “At the moment, insurance policies are quite affordable despite the competition among insurers who are all keen to acquire a share of the market and despite the lack of reliable damage statistics available. Once the market has matured, the statistics become available and insurers have acquired a sufficient share of the market, the pressure on the insurance premiums will increase. That is why we recommend companies to act now.”