Is the insurance industry facing a Cyber-Cat? Thousands of websites at risk to heartbleed bug...
Create a vendor selection project & run comparison reports
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
9 April 2014Craig Beattie
No no - I'm not referring to an animated cat on an App but rather the announcement yesterday regarding the Heartbleed bug affecting the security of over 50% of the Internet according to some estimates. The bug affects the OpenSSL package and is believed to have been in the package since 2011. It affects the way the package deals with heart beat messages, hence the moniker given to the bug. There are already tools in use that exploit the bug and provide access to recent user data on compromised servers. There have been security alerts before with many large brands facing fines and media inquiries about their losses but this bug potentially affects hundreds of thousands of websites and many businesses globally, but why characterise this as a catastrophe and why would insurers be interested? In the last 2 to 3 years with the cost of data breaches growing significantly businesses have been offsetting the risk of a breach or loss through Cyber Liability Insurance Covers. Whilst the practice and cover is arguably in it's infancy it's popularity suggests that this sort of event could constitute a significant liability to insurers globally offering this cover. Further the event has some characteristics in common with other events requiring catastrophe response:
- Many insured are at risk.
- The event will likely draw the attention of governments and regulators.
- Swift response will mitigate further loss.