Cyber Insurance is a relatively new method of helping to mitigate cyber risk in an organization. It
Question:
Cyber Insurance is a relatively new method of helping to mitigate cyber risk in an organization. It seems really silly on its surface. Why would you pay an insurance company in case you get hacked and all your data is posted online? What can the insurance company actually do to help you recover from such a scenario? Shouldn't we be spending that money on people/equipment that will actually help reduce/respond to cyber incidents instead of insurance once our defenses fail? Discuss.
How do you feel about cyber insurance? Do you believe it is worth a company to invest in cyber insurance? Should a company 'eat the cost' of a cyber incident, possibly going bankrupt, or adopt cyber insurance just in case something happens? What obligations does a company have to fulfill their insurance plan so they do not lose their coverage? There are arguments against having even just car insurance that could also apply to cyber insurance. Do you believe this arguments hold merit in the cyber realm? Is this is good long-term strategy to risk avoidance or is it merely risk transference?