BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Indian companies mostly uninsured against cyber attacks

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Tue, 28 Jul 2015 19:46:00 -0600
http://www.dnaindia.com/money/report-indian-companies-mostly-uninsured-against-cyber-attacks-2108378

Indian companies are increasingly suffering huge losses due to rising cyber
attacks that leads to interruption of business and loss of customer data.

However, with only 100-150 policies covering cyber crime liability
insurance being sold in the country, majority companies are inadequately
protected against the growing menace, according to insurance companies.

Financial sector that carries out financial transactions and handles cash
is among the high-risk targets, but most banks in India, barring a few
large private lenders, do not have cyber crime liability insurance.
Industry officials said this could potentially lead to heavy business
losses if the computer systems are hacked and customer data is stolen.

The cyber liability insurance coverage is the lowest in the hotel and
hospital sectors, which has critical data on customers, which if hacked and
stolen, can have devastating impact on clients and patients, and threaten
the business itself.

Sushant Sarin, senior vice-president - commercial lines, Tata AIG General
Insurance Co, said, “While cyber crime insurance is a widely bought cover
which takes care of monetary loss arising out of the loss of financial
data, cyber liability insurance related to hacking of computer systems
leading to business interruption, loss of customer data, bank data and
patient data is a slowing moving product with very few companies buying
such covers. Health records in certain cases if made public can have a
devastating impact on your health. We sell about 30- 35 cyber liability
insurance policies in a year.”

According to home ministry statistics, there have been 62,189 incidents of
cyber frauds till June 2014. About 28,481 websites were hacked in India in
2013 and cyber crimes have cost India Rs 24,630 crore in 2013, according to
a Delhi High Court-commissioned report. India is ranked as one of the top
three targets in cyber crime. According to available statistics, about
71,780 cyber frauds were reported in 2013, while 22,060 such cases were
reported in 2012.

Tanuj Gulani, vice-president - speciality lines & reinsurance, Prudent
Insurance Brokers, said, "New-age businesses like the e-commerce companies
fear network breakdowns more than anything else. Still many e-commerce
companies are not covered by insurance in India. The few policies sold in
the country are bought by the BPOs and the software companies at the
insistence of their foreign clients. The financial sector which transacts
in cash and in financial documents of customers are by and large uncovered
by cyber liability insurance covers.”

Cyber terrorism is ranked as high a risk as political unrest. Industry
experts say it could have a debilitating impact on companies and
individuals. For example, if customers information is compromised in the
US, the company has to individually inform each customer and the cost of
notifying a customer may vary from $10 to $30.

“The hacking business is said to be more profitable than the cocaine
business as customer email is the repository of all sorts of data from
private pictures to financial information like the bank accounts, credit
card details. Even for the traditional brick and motor companies a cyber
liability cover is important. It is electronically possible to control and
blow up a steel plant,”adds Gulani.

In India, such cover is sold only by four companies -- Tata AIG, which is
the market leader, Reliance General Insurance, Bajaj Allianz and HDFC Ergo.

According to an Assocham and PwC report issued earlier this month,
financial frauds leads to approximately $20 billion (Rs 1.26 lakh crore) in
direct losses annually.

This excludes the e-commerce companies and the brick and mortar retailers,
which would have had business losses due to hacking of their systems.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: