everyone: older news
What is Wrong with Cyberinsurance?
by Brent Kirkpatrick
(Date Published: 9/10/2018.)
What is wrong with cyberinsurance?
Hi, my name is Brent Kirkpatrick. Today, we are going to talk about a response to a recent article in the Wall Street Journal. The article is titled "Big Cities Insure Against Cyberattacks", published last Friday. The reference will be at the bottom of this article.
This article claims that the city of Atlanta, with its recent ransomware attack, that the cost of that attack was more than twenty million dollars. And that is one of the reasons that a number of cities around the country are purchasing cyberinsurance planes. For example, this article states that the city of Houston bought three different cyberinsurance policies, from three different companies, for a total of 10 million for each plan, total of 30 million dollars coverage and the total premium is 471 thousand. Fort Worth purchased a five million dollar coverage plan, just one of them, and their premiums are 99 thousand. And the city of Seattle is self-insured.
This seems like a perfect way to address concerns about cyberattack. If there is a big event, naturally, we would by insurance. But what is wrong with cyberinsurance?
Well the premiums, the money from the premiums, goes and sits in a bank account until one of the people who purchased the policy gets attacked by cyberattack. Then the premiums collected from all the cities are used to pay out to the one city or several cities that actually experience a cyberattack. So, cyberinsurace is a way to spread out the pain, the cost, of the big event, the big cyberattack, a way to amortize the cost of a cyberattack across multiple parties that help pay for it.
What is wrong with that? The biggest problem is that the premiums are paid and they sit in a bank account until something happens. Cyberinsurance is not a solution, it is just a way to pay for a big problem. We would be better off if we invested in developing solutions. So, if we took the money that was paid in for premiums, if we took that and invested it in research to develop actual solutions. We would be better off. We would be investing in our future.
Trojan Hunter (TM). Digital forensics for Trojans at an accessible, fixed price. For any operating system.