What Black Mirror and Cyber Risk Have in Common
Black Mirror, a British science-fiction Netflix series, has gained popularity among viewers since its release in late 2016. The series dives into new technologies in futuristic or near-future settings. The stand-alone episodes explore a twisted, high-tech world where humanity’s greatest innovations and darkest instincts collide (IMBD).
One episode of the series focuses on hacking for blackmail. In “Shut Up and Dance,” the third episode of the third season, a hacker breaks into a series of personal devices, steals personal information, and blackmails the device owners into performing a variety of criminal acts in a dystopian-justice scenario.
Black Mirror is a science-fiction series fabricated in the minds of the writers and directors, but based upon reality. Last week we learned that the Equifax breach had become even larger, with Equifax reporting that another 2.4 million were impacted bringing the total to 147.9 million. The information compromised included names, addresses, social security numbers and any active credit disputes.
Related: Download the Infographic – Cybersecurity is No Longer Optional – Plan to Prevent Threats
Cybersecurity is no longer optional; not today, not in the future. A cyber breach will impact an organization on many levels, including human, operational, reputational, and financial. Large, small, public and private organizations are at risk. Today, 65 percent of all businesses with fewer than 1,000 employees have been hacked. The chance of a breach striking an organization increases every day. A hacker needs one access point into your organization’s information to create a cyber crisis. What can you do to protect your organization and people?
One layer of protection is cyber liability insurance. Firestorm COO, Hart Brown, recently sat down with Security Magazine to discuss what you need to know about cyber liability insurance.
Hart Brown: In the simplest possible terms, cyber liability insurance is a means of weeding out inadequate software providers and of holding people accountable for doing their job properly. Just like with any other insurance policy, there are certain conditions which must be met before a policy is issued. This helps to set a minimum bar for the cybersecurity of an organization and its suppliers. It gives you peace of mind that should you be struck by a cyber incident you will be able to access some funds to manage the response and get back up and running. Just as importantly, if you choose to only work with partners and suppliers who have cyber liability insurance it gives you the confidence that should their incompetence cause harm to your business then you will be able to successfully file a claim and get compensated. Sure, you can also try to sue those without it if you can demonstrate they were the cause of the loss. However, it won’t do much good if they don’t have the resources to cover the liabilities!
Q: How big is the market?
HB: The cyber liability insurance market is still in its relative infancy with many insurers having only recently started selling polices at any real volume. Right now, the estimated written premiums for policies around the world is valued at $2.5 billion. Yet, Allianz estimates published in the Financial Times last year suggest the figure could grow to $20 billion by 2025. Cyber-related risks are significant, so your premium will be high too. However, that doesn’t mean it won’t deliver good value.
Additional questions include:
Q: What isn’t cyber liability insurance?
Q: What should boardroom professionals know about cyber insurance? How does it work, and if the need arises, how do they file a claim?
Q: What are the key considerations when procuring cyber liability insurance?
Q: What factors do insurers take into consideration when pricing cyber insurance? What can companies do to reduce their premium?
Meet the Hacker
Hart is a former Program Director for the U.S. State and certified ethical hacker with more than 20 years’ experience. On March 25th, he will test the cyber response of DRJ (Disaster Recovery Journal) Spring World Attendees. During his Meet the Hacker exercise from 1-2:30 p.m., Hart will conduct live hacking demonstrations using actual techniques and tools. Attendees will engage in trying to mitigate activities and impacts while responding to the escalating crisis and security elements in real time. This hands-on session will test and benchmark attendees’ knowledge and plans against an ‘Ethical Hacker.’
Unable to attend the DRJ Spring World and Hart’s session, but interested in a live hacking demonstration for your organization? Contact us and we’ll schedule a date and time for your organization to experience an ‘Ethical Hack’ with Hart. Cybersecurity is no longer optional – the time to plan and test is now, before the hacker gains access.