Is Cyber Insurance for All Unrealistic? Or Is It Our Destiny?

By Shawn Dougherty September 22, 2014

Shawn DoughertyIn the rapidly changing world of cyber risk, you have to think ahead. So when I read that Ari Schwartz, the White House Director of Cyber Security, had offered his views on the future of cyber insurance at a recent conference, it was hard to ignore. Schwartz said that by 2020, private firms will be buying cyber insurance, just as they do for property and liability coverage and other basic insurance policies. According to Schwartz, it will be a coverage that all businesses need to buy. He said that although cyber insurance is growing, insurers are reluctant to underwrite policies without the actuarial data they need. Demand for cyber insurance, he said, is surpassing supply.

Usually, I’m not comfortable predicting the future. In this case, though, I think Schwartz may be spot-on. The need for cyber insurance is growing every day as phishing, cyber extortion, and data breaches become more common and affect more and more people. The data breach at Home Depot is only the most recent example to make the news. Healthcare.gov, Bartell Hotels in San Diego, and Memorial Hermann Health Systems in Texas are all among those that have recently suffered data breaches.

Such incidents are still relatively new from an actuarial perspective, Additionally, it can be difficult to predict costs and price insurance. Taking this into account, ISO announced  a strategic collaboration in July with IDT911™ (IDentity Theft 911®). The collaboration will help ISO better understand the cost of data breaches and provide a more complete picture of cyber risk.

In the meantime, if you want to enter the cyber insurance market or learn about any of ISO’s various cyber offerings, visit the ISO Cyber Risk Solutions website, www.verisk.com/cyber or e-mail me at sdougherty@iso.com. You can also follow me on Twitter @doughertyshawn.


Shawn Dougherty

Shawn Dougherty is the assistant vice president of ISO's Specialty Commercial Lines Division. He is responsible for providing the overall direction, leadership, and client service for ISO's cyber liability (e-commerce), D&O (management protection), businessowners, crime and fidelity, financial institutions, employment-related practices liability, and professional liability (other than medical) insurance programs. He is also the ISO product manager for the Lloyd's Wordings Repository, an electronic database of policy wordings and clauses regularly used within the London market. Mr. Dougherty has worked at ISO since 1988.