According to Symantec, a record-setting nine mega-breaches were reported in 2015, each compromising more than 10 million records. But cybercrime affects more than just large companies. Microsoft says 20 percent of small to midsized businesses have been victims of cybercrime as well.. Fitch estimates the 2015 cyber insurance market to be close to $1 billion in direct written premium, and estimates the market could grow to $20 billion by 2020.With cyber risks growing rapidly, directors and officer also need to be wary of the post-breach lawsuits. D&O and E&O policies often exclude cyber risks, so insurance buyers need to know their policy language.
The heat is on from the government as well, with federal agencies routinely investigating not only criminal hackers, but also the hacked corporation, which could be subject to regulatory investigations, fines and more.
Insurance companies are also subject to cyber regulation. New York State just announced regulations that require insurance companies and other financial services institutions to maintain a cybersecurity program. The proposed regulation is meant to protect consumer data and financial systems from terrorist organizations and other criminal enterprises.