As more and more of our lives migrate online, and news of security breaches at large internet companies proliferates, now is a good time to assess the cyber insurance market to make sure you and/or your employer is properly protected against future attacks.
A December report in the [New York Times](http://bits.blogs.nytimes.com/2011/12/23/insurance-against-cyber-attacks-expected-to-boom/) shared a study that only one in three companies surveyed had purchased a cyber insurance policy. This number is expected to go up significantly, however, as the SEC will soon require companies to disclose to shareholders when they have suffered a cyber attack.
Another reason for the projected jump is that cyber attacks are becoming more and more costly for companies. In the wake of the recent disclosure that LinkedIn’s security system was compromised, the fallout has been tremendous. On top of the man hours and diverted production needed to shore up the problem, the loss in consumer confidence and brand equity can costs companies tens of millions of dollars.
Companies also face complexity when shopping for cyber insurance. Offerings can vary greatly depending on the size of the company’s infrastructure and the extent to which they want to cover it. There is no standard, one-size-fits all cyber insurance policy for companies.
Unfortunately, these a la carte offerings are where companies tend to cut corners and leave themselves vulnerable to losses, as hackers and their malware are generally more sophisticated than the insurance policies designed to protect against them. For now cyber protections for corporations remain a balancing act between hiring more engineers to further buffer the product, and spending those same dollars directly on insurance policies.
If you do believe that cyber insurance is the right move for your company contact a major carrier like MetLife, Esurance or Progressive. Or let a CoverHound expert point you in the right direction.
Personal cyber insurance is a novel concept that for is now is just that -- limited to the realm of science fiction novels. Perhaps there will soon come a day when a concierge of sorts can monitor your collective accounts and indemnify you against any breaches.
For the now the best advice we can is to keep your passwords nuanced and diversified. Additionally, try to not keep them all in the same place; there is no need for a spreadsheet with all your passwords on there -- as misplacing that or having it fall into the wrong hands could be exponentially troublesome. And if you do feel that your account on a given site has been compromised you should phone its customer service immediately.