It’s not surprising that many businesses are not fully prepared to for cyber risks. The nature of this threat continues to evolve as technology advances, cloud computing grows, social media continues its advance and cyber criminals become more sophisticated. Mega-retailer, Target, recently announced a bomb-shell. Hackers had accessed private information for millions of Target customers. The retail giant has announced that all customers who have shopped at Target since Black Friday are at risk of having their identities stolen due to this enormous cyber breach.
In many ways, captive insurance companies are ideal vehicles for addressing cyber risk. Because cyber threats are relatively new and ever-changing, it can be difficult for third party insurance coverage to keep up. Also, cyber threats can have a tremendous spill-over effect, touching off a chain of secondary losses. Target will likely suffer from this cyber disaster well into the future as it will not only incur liability costs from the data breach, but it will also likely suffer lost sales as it endeavors to regain the trust of its customers.
Because captive insurance companies can issue customized, more flexible coverage to their parent companies, they can serve as an ideal insurance solution for cyber risk. Furthermore, a captive’s flexibility also enables the parent company to maintain third party commercial cyber insurance and supplement third party coverage with a broad insurance policy from the captive to address gaps and secondary losses caused by a cyber incident.
A recent article in CAPTIVE REVIEW titled “Cyber, The Unseen Giant” by Stephanie Tassone noted that “Cyber risk remains high on the agenda for risk managers globally, with over 80% of captive directors commenting that cybercrime is one of the most underrated risks.” Tassone interviewed Stephen Cross, the chairman of Aon global Risk Consulting. Cross told CAPTIVE REVIEW that “Captive insurance companies are an obvious home to incubate cyber coverage. Captives can act as a hub to gather data and insight as well as develop an understanding about what enterprise cyber risk really means for an organization.” AON surveyed over 100 captive executives and directors on their opinion on the rankings of various global risk findings. The survey found that “Cyber risk, including computer crimes, hacking, viruses and malicious codes, was the most contested risk, with 82% of captive owners commenting that the risk’s ranking of 18 was severely underrated.”
Businesses that have third party cyber insurance in place, should consider supplementing their cyber insurance with a blanket cyber policy in a captive insurance company. Many businesses do not have cyber insurance policies in place. And, it is difficult to get excited about purchasing additional insurance. For many businesses, insurance is a necessary evil..it is definitely a necessity but can also be viewed as a sunk cost. Owning a captive insurance company gives a business an additional tool to address “non-traditional” but very real risks like cyber attack. A business can purchase cyber insurance from its captive insurance company and simultaneously grow profit in its captive insurance company when claims are low.
Also, because captive profits are at stake, the business has an even greater incentive to take active security measures to reduce the likelihood of cyber attack and other digital threats to business data.
To read the entire article in CAPTIVE REVIEW, click the link below.