Cyber Events Hedron Newsletter Website Banner

Digital disruption: increase in cyber events makes cover even more essential

1 in 7 businesses have lost a day or more to a cyber event in the last 12 months, according to recent QBE research 

Organisations are no longer asking themselves if, but when, they’ll be affected by digital disruption. Significant and successful cyber events have increased 42% in Europe and North America from 2023 to 2024, and are projected to keep growing in number. Of the businesses that experienced a cyber attack in the past year, almost half lost revenue as a result.  

We spoke with QBE about how businesses can be better aware of cyber risks, and the vital role of brokers in helping assess exposure and put the right cover in place.  

With the rise of digital transactions and e-commerce, what specific cyber risks should businesses be aware of, and how can commercial cyber insurance help mitigate these risks?

There are two key areas of consideration for businesses when looking to defend themselves against cyber threats. The first is having the right technical security tools and procedures in place, while the second is the human element – both are important for businesses to focus on.  

From a technical perspective, it is essential businesses secure the perimeter of their IT network, managing remote access through multi-factor authentication (MFA) as well as ensuring any security vulnerabilities are discovered and remediated quickly through a robust patching policy. However, even with the most sophisticated tools implemented, human error still plays a major part in cyber attacks, meaning awareness and education of employees on threats is important.  

Cyber insurance policies will respond to a range of cyber attacks, and provide comprehensive incident response support, whether the incident is caused by a failure in security tools or simply by an employee clicking on a malicious link in a phishing email. 

How can brokers help businesses asses their exposure to cyber threats, and what types of coverage are essential for businesses handling sensitive customer data or financial transactions? 

Within their client portfolio, brokers will have a range of companies of varying sizes, industries and geographies. This broad make-up gives them a real advantage when it comes to advising clients on trends appearing in terms of different types of attacks that may be affecting one industry or another, as well as providing data on how the attacks are launched and average cost of losses. Insurers also provide this data, and we are able to leverage our global portfolio to support our clients with best practice and recommended actions.  

The key elements of a cyber policy include incident response support, where insurers will provide access to experts to help a business recover its operations quickly, as well as cover for any ongoing business interruption losses. 

In industries with high-value online transactions or customer-facing platforms, what are the key considerations when choosing commercial cyber coverage to protect against breaches, data theft, or ransomware attacks?  

A good cyber policy will include support services for individuals who may have been affected by a data breach. This will include access to a call centre to help with any concerns around privacy exposures, as well as being provided with credit and ID monitoring service to provide peace of mind in the event personally identifiable information has been stolen.  

If a business has suffered a cyber event and is being held to ransom, their cyber policy will provide expert support services to assist with negotiation with the threat actor, and ultimately if there is no other course of action recommended, will provide indemnity for the ransom payment itself.  

The intelligence and advice provided by the expert incident response services is invaluable in assessing the credibility of the cyber threat and supporting clients through the incident. 

As cybercrime continues to evolve, how can businesses ensure that their commercial cyber insurance policy evolves as well, and what role can brokers play in keeping businesses updated on emerging cyber threats and coverage options?  

Cyber insurance policies provide a broad range of incident response services and cover for business interruption losses, as well as liability claims that may arise following a cyber attack. They often also include cover for social engineering or telephone fraud losses.  

Businesses know their own risks better than anyone else. It's essential that insurers, brokers, and clients communicate regularly in order to understand the threats facing businesses, and insurance policies will evolve to respond to emerging threats. 

 

 

 

This article has been written with source material from our partner insurer QBE as well as publicly available information. The content reflects the views and expertise of the respective contributors and is intended to offer insights on current industry topics. Please note that this article does not necessarily represent the views of Hedron Network or its affiliates.