How do you insure the intangible?

Cyber-liability: new and fast growing.

Cyber liability insurance is a newly-established insurance category in the UK, estimated by the industry to represent GBP3–4 million, or just 0.01 per cent of the country’s non-life gross written premiums. However, this belies the market potential, with an estimated 4.8 million private businesses registered in the UK and growing use of the internet among these firms.

Indeed, it is developments in the use of information technology for business that have highlighted the issue of liability in cyberspace. Firms collect, manage and store data electronically, social media interaction has increased and portable computing devices are growing in popularity. This technological evolution means UK firms are increasing their exposure to cyber threats such as hacking, extortion, data leaks and business downtime, all of which could result in an onerous financial burden to resolve.

A number of high-profile data leaks during 2011 and 2012 highlighted the costs involved when personal data is exposed. Beyond the obvious monetary costs of launching an investigation and settling compensation payouts comes the costs which are more difficult for underwriters and businesses to quantify: damage to reputation, business disruption and lost business all have to be taken into consideration. A joint industry and government report, the Information Security Breaches Survey for 2013, calculated that in the aftermath of its most serious data breach, the highest cost to a large firm (more than 250 employees) stemmed from damage to reputation, followed by response costs and business disruption (see chart, below). For smaller businesses the cost of business disruption is, on average, eight times higher than any other resulting cost.

Average cost of a large organisation's worst cyber incident (GBP, 2012)

Industry surveys suggest a low awareness of cyber liability products among UK businesses. In all likelihood, managers believe these intangible risks are covered by their existing commercial liability insurance policies, yet traditional policies do not tend to address issues related to the internet or electronic data.

If the growing risk in the impalpable world of cyber data does not provide the catalyst for uptake of cyber liability insurance, regulatory changes will likely prove the strongest incentive for British businesses. The European Commission (EC) aims to harmonize laws on the protection of personal data across the EU. In the event of personal data being exposed, firms will be mandated to notify national authorities - the Information Commissioner's Office in the UK - and will face fines for non-compliance. The new law is slated for introduction in 2014 and is expected to be the primary growth driver of cyber liability insurance over the next five years.

This piece first appeared on Timetric

Photograph: Getty Images

Rebecca Larkin is an economist at Timetric

Getty
Show Hide image

Watch: The evidence Nigel Farage said money sent to the EU should go to the NHS

After the EU referendum result, Nigel Farage said it was a "mistake" for Leave to suggest funds could go to the NHS. But what's this?

Remember Friday? (I know: it's not necessarily a pleasant thing to do, but bear with me.) On Friday, hours after the result of the EU referendum was announced, Nigel Farage appeared on Good Morning Britain and said that the Leave campaign advertising which linked the extra "£350m a week" Brexit would allegedly gift us with the NHS was a "mistake".

Sure, it was on posters, and emblazoned on a bus, and he didn't speak up to disabuse anyone of the notion. But let's give Farage the benefit of the doubt and pretend he does sorely regret the fact that, through no fault of his own, members of the electorate may have been led to believe that that money would be put into healthcare. It must be tough, when you ought to be high on your victory, to have to answer for other people's mistakes

Ah. Hold that thought.

It looks like the Independent has unearthed a video of Nigel Farage on television before the vote, and  strange thing  he tells Hilary Benn that the money currently being sent to Europe should be spent on, er, "schools, hospitals and the NHS".

Well, this mole isn't sure what to say. Maybe Farage doesn't remember this specific moment? Maybe when he said "schools, hospitals and the NHS" he actually meant something different, like "negotiating our exit from the EU", or "paying to access the common market despite no longer being a member"? Or maybe when he said that money should be spent on these things, he didn't mean it necessarily would be, and it would have been entirely unreasonable for the voting public to make such an absurd leap?

All I can suggest is that you watch and decide for yourself, dear reader.

I'm a mole, innit.