Cybersecurity insurance should be considered the “last line of defence” and not a replacement for investment in security tools, said experts at a panel discussion this morning.
Speaking at the eighth edition of ISNR 2018, a homeland security-focused exhibition happening in Abu Dhabi this week, the panel highlighted best practices for organisations in anticipating, preparing for and responding to a cyber breach event.
Eddie Schwartz, EVP of cyber services at Dark Matter, said that while he couldn’t disclose specific breaches, he could confirm that he was seeing them happen on a “weekly basis” across the GCC, targeting both public and private entities.
“The perpetrators of such attacks range from organised criminal groups, to just some guys that will throw in some ransomware they’ve happened to get hold of,” he said.
But where organisations across the region are going wrong is in believing that cyber insurance policies are a sufficient form of protection.
Simon Bell, vice president at insurance broking and risk management firm Marsh Middle East, added that while it is encouraging to see a wider range of industries looking to invest in cyber insurance, more is still to be done.
“When cyber insurance first came to the market, purchases initially came from financial institutions who were concerned about their data vulnerability,” he said. “However, what we’re seeing now is telcos and organisations in oil and gas moving into this space, and looking at their core business systems that could see severe financial loss by cyber breaches.”
However, Schwartz added that while cyber insurance covers the cost of incident response, the bottom line is that even after these costs are covered, the business remains vulnerable.
“Incident response investigations could take anywhere from 5 minutes to 5 weeks – if not more,” he said. “Depending on the vastness of a business’ infrastructure, this could cost up to a million dollars, therefore having a policy in place is obviously very useful. But having this cost covered should not act as a replacement for investing in high-end security in the first place, and this is crucial for organisations in the region to remember.”
Bell reiterated this, and said that cyber insurance must be considered the “last line of defence” for organisations, and should purely cover the financial implications of an attack – not act as a method of protecting the business.