It’s already a booming market in the United States, but in Europe, companies are also waking up to the idea of cyber insurance to protect themselves against Internet attack.
And insurance companies are projecting strong growth in the coming years.
On the other side of the Atlantic, where companies are obliged to inform US authorities of online attacks, the cyber insurance market is already highly developed, totalling $1.3 billion (960 million euros) per year, according to Christopher Lohmann, head of Germany and central Europe at Allianz Global Corporate and Speciality.
Europe is still a long way off that.
“But we project strong growth in the coming years. We see the market amounting to 700-900 million euros by 2018,” Lohmann said.
For companies and private individuals, the dangers from the web are very real, ranging from data and identity theft to espionage.
Companies can see their infrastructure paralyzed, their computer systems infected with viruses and malware.
But these are not the only risks: human error and internal hiccups can also jam systems and wipe data.
Just last month, mobile phone operator Vodafone was the victim of massive data theft where personal information — including bank account details — of around two million people was stolen.
And with the exponential growth of electronic messages, and the increasing transfer of companies’ commercial processing and data storage to cloud computing, the dangers are only going to multiply.
In Germany, a total 64,000 acts of cyber crime were officially reported in 2012, representing around 42 million euros worth of damage, an increase of 7.5 percent over the previous year.
‘Europe is still very much behind on this’
And that is just the tip of the iceberg, experts say, because many companies prefer to remain silent over any breaches in their security systems.
“Europe is still very much behind on this,” said Nicolas Helenon, founder of the insurance broker NeoTech Assurances.
“Big companies armed themselves against these risks long ago. But most small and mid-sized companies are not insured,” Helenon said, arguing that many businesses found cyber risks more difficult to grasp than, say, fire or water damage.
“The threat of cyber crime is primarily a concern for companies who manage a lot of client data,” said Philipp Lienau at HDI Gerling.
“In case of an attack by hackers or data theft, it can be they who can be held responsible. But above all, it’s a major cost factor. Informing those affected by any cyber attack can be very costly,” Lienau said.
And it can also seriously damage a company’s reputation.
German’s Allianz launched an insurance against all types of online risks to companies in July. And HDI Gerling, a subsidiary of the Talanx group, followed suit, offering tailor-made products to industry since September.
French giant Axa is scheduled to enter the market at the beginning of October, while Zurich Insurance has been offering such policies to SMEs for a year now.
New legislation will come into effect in Europe, requiring companies to report cyber attacks and abide by tougher data protection rules. And that will boost demand for cyber insurance, experts say.
And it is not only companies that are at risk, but the general public too as use of social media, smartphones and online transactions rises exponentially.
In 2011, insurer Swiss Life launched an e-reputation insurance to protect individuals’ online reputation.
French group Axa is offering a “complete family protection” package to cover all digital risks.
Nevertheless, “the market is still not mature. Many clients do not sufficiently evaluate the difficulties they may encounter on the Internet. There’s still a lot of educating to do,” said a spokesman at Swiss Life.
According to software maker Norton, around 556 million people were the victims of cyber crime in 2012 with the losses estimated at 80 billion euros.