Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
Monday - Friday, 6-9 a.m.
Hosts Tom Temin and Emily Kopp bring you the latest news affecting the federal community each weekday morning, featuring interviews with top government executives and contractors. Listen live from 6 to 9 a.m. or download archived interviews below.
Vendors see a growing need for cyber insurance
Tuesday - 6/21/2011, 10:30am EDT
Federal News Radio
After recent cyberattacks on major companies such as Sony, Lockheed Martin and CitiBank, more industries are protecting themselves with cyber insurance.
Like other insurance types--home, life, auto--cyber insurance provides protection in case of critical data loss or other virtual disruptions that impact the business or economic structure of organizations.
Although cyber insurance is not new, there is a significant demand for companies to invest in more cybersecurity, said Larry Ponemon, chairman and founder of the Ponemon Institute, which provides privacy, data protection and information security policy for organizations in the private and public sectors.
"I think organizations--because of fear and concern and the reality that cyber crime is getting worse--are really starting to think that this might be a good backup mechanism to reducing their risk," said Ponemon in an interview on the Federal Drive Tuesday.
Ponemon said the risk is growing to companies, including federal contractors, because of a lack of industry standards for securing systems.
"We know there are security standards in place, but there is a lot of variance across industries," he said. "If we do it correctly, we need to have a standard that insurance companies are comfortable with. But right now, standards vary by industry and organizational size, and are not mandated by anyone."
Ponemon said his organization is looking into the cost of data breaches to industry. He said for a breach of 1,000 people to 100,000 people, the cost for a company could be as much as $8 million.
"It's not just cash resources, but lost customer support and a lost of reputation," he said. "What will happen initially is certain features of a breach that can be measured will be insured, but other features such as soft cost may not be included initially."
As the number of cyber-related attacks increase, small companies are finding that they are not exempt from hackers or security intrusion.
Ponemon said small to medium-sized businesses are at a greater risk of security issues, because, in part, they have fewer resources for protection.
As for the future of cyber insurance, Ponemon said he expects demand to increase over the next two-to-five years, particularly for industries that vary in type and size.
"The industry is starting to blossom," he said. "Organizations fear cyber breaches or attacks and are starting to see this as a good back up mechanism to reduce risk."
Courtney Thompson is an intern with Federal News Radio.
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.