In Ukraine, a cyberattack can mean a freezing night without power. But in the United States, it often seems like just one more unavoidable hassle of modern life. People change a few passwords, maybe sign up for credit monitoring, and then go on with life. But for the organizations on the receiving end—Target, Equifax, the federal government’s Office of Personnel Management, just to name a few—a cyberattack can mean scrambling to get systems back on line, setting up response war rooms, and, of course, paying huge bills for missed orders or new equipment.
And US businesses may no longer be able to rely on insurance to cover their losses. In an era of unceasing cyberattacks, including cases of state-sponsored hacking, insurance companies are beginning to re-interpret an old line in their contracts known as the “war exclusion.” Stripping away the metaphorical connotation of the term “cyberwarfare,” big insurers like Zurich Insurance have decided that state-sponsored attacks are basically just plain warfare. This shift comes as the US government is increasingly attributing state-sponsored cyberattacks to their alleged perpetrators, a development that some argue is a means of holding bad actors accountable.
But the policy certainly doesn’t seem to be doing any favors to the private sector.
(Score: 2) by Immerman on Tuesday April 30 2019, @01:47PM (1 child)
Really? I would think that a major insurance company easily has the budget to hire a few expert security people to periodically audit their customers' security practices to get a pretty good assessment of the actual risk.
It's not like incompetent security is difficult for an expert on the inside to recognize.
(Score: 2) by deimtee on Tuesday April 30 2019, @11:06PM
To: Mr CEO.
From: Lowly Insurance Agent
Re: Insurance for Information Systems.
If we spend a lot of money hiring the best cyber security experts there are, we will be able to judge how good companies' security is, and then we will be able to reduce premiums for those with good security.
...
To: Security
From CEO
LIA is fired. Block him from all data access and escort him from the building immediately.
If you cough while drinking cheap red wine it really cleans out your sinuses.