Consumer credit reporting agency Equifax has become one of the latest victims of large-scale cyber hacking after the firm reported a data breach had exposed personal information of 143 million Americans and up to 400,000 UK customers earlier this month.
The firm is undergoing a Federal Trade Commission investigation of the company’s handling of the breach and could be subject to an insider trading probe.
Lloyds of London CEO Inga Beale said the Equifax breach serves as another reminder that no business is immune to the growing cyber hack threat, and that large-scale events like these catalyse the development of cyber protection and insurance as entities learn from damage assessment.
Speaking to Bloomberg’s Emily Chang, Beale said; “No business is immune from being hacked, and however complacent people might be, they really should be very aware of the threat.
“We’ve done some research and it actually showed that about 92% of businesses think they’re going to be hacked but very few of them buy insurance against it.
“And I think a lot of people have a lot of trust in their own risk mitigation, they think they’ve got firewalls, but a lot of breaches actually happen because of human error.
“So we’ve got all of the technology in place, but a lot of the time it’s actually some human mistake, genuinely not malicious but some employee mistake, so no business can think of itself as immune.”
The business world is undergoing a shift in its perception of cyber threat, as government’s and regulators introduce standards for protection of consumer data and firms are prompted to raise the bar in cyber risk prevention and liability protection.
Beale said regulation around the world is coming in and boosting demand for cyber insurance, “so next year, in the E.U., there’ll be data regulation, meaning businesses can be fined a hell of a lot of money if they’re found to not be looking after their customers properly, not looking after their customer data properly, not informing them of breaches.
“Go to other parts of the world where they introduced regulation, go to Australia, they saw a 2000 percent uptick in cyber insurance demand.
“Any headline news about cyber demand gets people thinking differently about it, and they go, wow, I’m not sure I can be immune here.”
As a massive emerging risk to societies and business, cyber has often been cited as one of the biggest re/insurance opportunities of the future, and this year so far has seen firms continue to expand their cyber cover solutions.
However, opinions within the industry vary as to how insurable the risk really is, Swiss Re CEO Christian Mumenthaler recently said he was extremely skeptical about whether or not cyber is a risk re/insurers can carry.
Beale commented that Equifax would serve as yet another learning event, to both re/insurers and businesses as the world comes to grips with the realities of transacting in the digital age: “We’re all learning, now there were an enormous number of customers affected with Equifax. We’re always trying to learn from events, learn from assessment of damages.
“People choose a limit on their insurance policy that seems to make sense at the time, now every time we learn something, we have to reassess the pricing, reassess the scale of damages.”