I read an article the other day about a recent speech given by the UK’s Chief of Metropolitan Police. 

Detective Chief Inspector Gary Miles admitted to the audience that cyber crime today ran rampant in London because historically their force was “not very good” at detecting it.

As well as loving his honesty, I really liked the example he used to describe how traditional models don’t necessarily respond to the cyber risks we now face:

Miles described one instance where a woman had been pushed to the floor and robbed of £20 at a cash point.  The Metropolitan Police Service immediately put 4 officers on the case, seized CCTV footage, caught the thief by the end of the day and put him in court the following morning (where he got a 3 month suspended sentence after pleading guilty).

But a woman who complained she had been defrauded (online) of £11,000 was dismissed by police because they believed she was not vulnerable…

“Why are you going to go out and commit a robbery when the police are going to throw a team of 10 or 12 people at you?It’s highly likely you’re going to get convicted.The conviction rate was 53% for robbery last year.And you’re going to get 15, 16 years.Why not sit down and do 10, 15, 20 small £5,000 frauds?” said Miles.

Source: computerweekly.com/news

I often have brokers and underwriters tell me that cyber insurance, even in this soft market, is a hard sell – not least because customers think it won’t happen to them. I often wonder if people are turning a blind eye because they have reached saturation point when it comes to the “bad news” stories we hear every week about hacks and cyber extortion; or perhaps because cyber incidents can still fly under the radar in this country, their consequences haven’t fully resonated within our community?

But if the scary stories that are reported don’t convince potential customers to have a re-think, then perhaps the simple analogy drawn by DCI Miles will.

Why go through the front door, guns a-blazing, when valuables can be stolen, corrupted or destroyed by anyone with a laptop and a little bit of IT nous?

The recent hack of Aussie Travel Cover is a fantastic example.In January it was revealed by ABC News that the insurer had been hacked, with around 870,000 personal and financial records of its insureds stolen and (partially) published online.When the ABC tracked down the culprit, he turned out to be a 16 year old Queensland teenager who told the news outlet that he did it because he was “bored”!

The enemy is no longer predictable or visible; the event likely to cause loss increasingly difficult (if not impossible!) to forecast.The only certainty seems to be that loss is inevitable, in some form, for everyone in the not too distant future.And that alone should give customers the impetus to look more closely at their risk management strategies and available solutions, including their investment in cyber insurance.