Cybersecurity Insurance Not Applied by 30% of Healthcare Companies

August 31, 2018


A survey conducted by Ovum for analytics company FICO has pointed to the fact that there has been a quick increase in firms signing up for cybersecurity insurance, however, the healthcare sector generally has been sluggish to follow this tendency.

In 2017 when the preceding survey took place, 50% of U.S. firms disclosed that they had not taken out a cybersecurity insurance policy. That fraction has decreased to 24% in 2018. Though many companies see the worth of paying insurance premiums to protect the expenditure of alleviating cyberattacks and data breaches, that doesn’t appear to be the case for healthcare companies.

Just 30% of healthcare groups have signed up for cybersecurity insurance plans. 70% have absolutely no cybersecurity insurance protection whatsoever, although the sector is aimed by hackers. The financial services sector, which is also greatly focused on by cyber crooks, has been swift to avail of cybersecurity protection. Just 10% of interrogated financial companies had no coverage for cyberattacks.

The survey targeted 500 businesses in 11 countries including the U.S., India, Canada, and the UK. The figures for the United States were the precise average across all analyzed countries, which is the main improvement in 2017 when U.S. companies rated bottom out of all 11 countries for cybersecurity insurance uptake.

Among the main problems concentrated on by the survey was unjust premiums which had not been correctly calculated based on the level of threat. Just a quarter of surveyed businesses said their underwriters had set premiums using on a correct analysis of their company’s risk profile. Most supposed the premiums were based on industry averages, incorrect analyses or unidentified elements.

The heightened danger of cyberattacks and the legal action that usually comes after this has resulted in several businesses to take out policies, however, in numerous cases, the cover supplied isn’t complete cover. Just a third of U.S. firms (32%) said their plan included all cybersecurity dangers. Although plans have been applied, they might not pay out in the event of a breach happening.

Doug Clare, vice president for cybersecurity solutions at FICO said “Given the number of large-scale and very open breaches in current years, it is not astonishing that we’ve seen a big surge in US companies investing in it throughout the past 12 months, however, there’s still some way to go. When the insurance market develops and the lawsuits and fines rise we expect more companies will also go beyond basic coverage to look for protection that is more comprehensive.”

Nevertheless, Maxine Holt, research director at Ovum, said it might be a case of businesses having a risk profile that underwriters are not willing to cover in total.