Data protection in the current IT landscape

Numerous companies and organisations struggle when it comes to understanding how to deal with cybersecurity and data protection issues. However, the vast majority are aware that they have to put effective strategies in place to safeguard their business from cybercriminal attacks.

The amount of online services and the ensuing exchange of personal data are constantly on the rise, with present business models relying on cutting-edge IT services and connectivity to meet consumer demand. With connectivity comes potential threats from external sources.

Traditionally, data protection strategies have been based on a three-level framework:

• Staff awareness: making sure employees are informed on the current threats.

• Process: a seamless, applicable process to mitigate hazardous malware, ransomware or cyber-attacks.

• Technology: modern endpoint’s technology protection (such as firewall or anti-virus).

However, albeit the above steps are crucial, they do not completely guarantee the safety of an organisation. Hence the staggering increase in popularity of cyber insurance. Indeed, this business is growing almost at the same pace of the threats it is intended to cover. In 2016, the cyber insurance market accounted for an astounding $2.5 billion worldwide, projected to rise to $7.5 billion in 2020.

Obstacles to cyber insurance coverage

Nonetheless, both insurance companies and the consumers have a number of barriers to overcome.

From the insurer’s perspective:

• Ever-evolving cyber-attacks.

• Lack of data on the risk involved.

• Tunnel vision in coverages offered.

• Potentially dangerous risk accumulation.

From the consumer’s perspective:

• Inability to fully understand the cyber-risk, or the insurance options available.

• Hesitation in apportioning a part of the risk to a third party.

• Lack of standardization in cyber policies (as yet, there are no common terms for cyber risk resulting in differing terminologies from carrier to carrier).

• Ever-changing legal landscape.

• Cyber-risk often included as part of a broader range of coverage.

Cyberwatching.eu can help both parties better understand the legal framework, difficulties of interpretation and even support R&I teams.