Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Monday - Friday, 6-9 a.m.
Hosts Tom Temin and Emily Kopp bring you the latest news affecting the federal community each weekday morning, featuring interviews with top government executives and contractors. Listen live from 6 to 9 a.m. or download archived interviews on our daily show blogs.
Vendors see a growing need for cyber insurance
Tuesday - 6/21/2011, 10:30am EDT
Federal News Radio
After recent cyberattacks on major companies such as Sony, Lockheed Martin and CitiBank, more industries are protecting themselves with cyber insurance.
Like other insurance types--home, life, auto--cyber insurance provides protection in case of critical data loss or other virtual disruptions that impact the business or economic structure of organizations.
Although cyber insurance is not new, there is a significant demand for companies to invest in more cybersecurity, said Larry Ponemon, chairman and founder of the Ponemon Institute, which provides privacy, data protection and information security policy for organizations in the private and public sectors.
"I think organizations--because of fear and concern and the reality that cyber crime is getting worse--are really starting to think that this might be a good backup mechanism to reducing their risk," said Ponemon in an interview on the Federal Drive Tuesday.
Ponemon said the risk is growing to companies, including federal contractors, because of a lack of industry standards for securing systems.
"We know there are security standards in place, but there is a lot of variance across industries," he said. "If we do it correctly, we need to have a standard that insurance companies are comfortable with. But right now, standards vary by industry and organizational size, and are not mandated by anyone."
Ponemon said his organization is looking into the cost of data breaches to industry. He said for a breach of 1,000 people to 100,000 people, the cost for a company could be as much as $8 million.
"It's not just cash resources, but lost customer support and a lost of reputation," he said. "What will happen initially is certain features of a breach that can be measured will be insured, but other features such as soft cost may not be included initially."
As the number of cyber-related attacks increase, small companies are finding that they are not exempt from hackers or security intrusion.
Ponemon said small to medium-sized businesses are at a greater risk of security issues, because, in part, they have fewer resources for protection.
As for the future of cyber insurance, Ponemon said he expects demand to increase over the next two-to-five years, particularly for industries that vary in type and size.
"The industry is starting to blossom," he said. "Organizations fear cyber breaches or attacks and are starting to see this as a good back up mechanism to reduce risk."
Courtney Thompson is an intern with Federal News Radio.
(Copyright 2011 by FederalNewsRadio.com. All Rights Reserved.)
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.