This article appeared in Cybersecurity Law & Strategy, an ALM publication for privacy and security professionals, Chief Information Security Officers, Chief Information Officers, Chief Technology Officers, Corporate Counsel, Internet and Tech Practitioners, In-House Counsel. Visit the website to learn more.
In an environment of moving targets, it seems unimaginable that insurance against cybersecurity attacks can be robust enough to provide real protection. There are many types of risks involved, and some include physical damage to property.
In 2014, the Department of Homeland Security addressed the topic of cybersecurity insurance and suggested that a robust cybersecurity insurance market could mitigate risks and even reduce the number of successful cyber-attacks by: 1) promoting the adoption of preventative measures in return for more coverage (monitoring and securing); and 2) encouraging the implementation of best practices by basing premiums on an insured’s level of self-protection.
In the space devoted to the topic, they also admit companies may forego insurance because of the perceived high cost…