Ed Stroz, co-founder and co-president of Stroz Friedberg, an Aon Company which responds to cyber attacks, says companies need to invest in creating spare capacity in their systems. They should not treat redundancy as a “nice to have” but a “crucial” way to cope with attack, for example, being able to use another production line if one becomes unusable because its controls have been hacked.
With so much uncertainty, companies are inevitably turning to the cyber insurance market for protection. The market is nascent — but that can play to customers advantage, argue many cyber security experts, as insurers are willing to pay out significant costs in order to build their businesses.
Christian Hoffman, national practice leader at Aon Risk Solutions, said more companies are realising that they need to spend on cyber insurance. “From property damage, to product liability, to coverage for business interruption, coverage continues to expand significantly within the cyber insurance market,” he said.
Some insurers are now even expanding directors and officers insurance policies to protect directors for the decisions they made about security and responding to a breach.