According to research carried out by the Corporate Executive Programme (CEP), an executive level forum that brings together representatives from Fortune 500 companies to share knowledge on security risk, only 13% of UK businesses have cyber insurance cover. This is compared with 40% of businesses in the US.
In conducting its research, CEP interviewed officials at 30 UK and 10 US businesses that operate in a range of areas – financial services, manufacturing, retail and IT services. Over half of those companies generate an annual turnover in excess of £1 billion. Whilst a quarter of the companies had reportedly suffered a business impacting cyber incident within the last year, less than 30% of those companies had dedicated cyber insurance cover.
CEP’s research revealed that 25% of the companies interviewed set aside their own money to deal with incidents, 23% relied on their general insurance cover to address cyber risk, and a fifth of the businesses had no cyber cover at all. Query whether the new data breach and cyber incident notification requirements set to be introduced under new EU legislation will encourage more UK companies to purchase dedicated cyber insurance cover in the future.