The Cybersecurity Investment Opportunity Everyone Is Missing

With cyber-attacks on U.S. corporations hitting more and more frequently, many investors have already realized that cybersecurity companies have a bright future.

But cybersecurity isn't the only business experiencing growth as a result of the rise in cyber-attacks.

As the attacks have increased, so have losses, creating an opportunity for insurance companies.

The Betterly Report, which tracks specialty insurance products, said in a report last year that it expected cyber-insurance premiums for 2012 to add up to about $1 billion in the U.S. alone.

Betterly expects that figure to rise by 20% this year.

With cyber-attacks now hitting companies large and small, and in almost every industry, cyber-insurance, like cybersecurity, has years of growth and evolution ahead of it.

"Clearly, people are now paying attention. Cybersecurity is no longer a footnote in the needs of supporting a business end-to-end," Frank Cilluffo, director of George Washington University's Homeland Security Policy Institute, told FOX Business.

Just yesterday (Tuesday), hackers slowed access to the consumer website of JPMorganChase & Co. (NYSE:JPM) in a "denial-of-service" attack, which floods a site with bogus requests.

It was the latest in a series of cyber-attacks on U.S. companies, including Apple Inc., Facebook Inc. (Nasdaq: FB), Bank of America Corp. (NYSE: BAC) and The New York Times Co. (NYSE: NYT).

And with many companies reluctant to publicize every incident, the actual threat is much bigger than most people realize.

"There are far, far more attacks than are being reported," Roy Zisapel, CEO of networking solutions company Radware (Nasdaq: RDWR), told FOX Business. He estimated that companies admit to only about 1% of all cyber-attacks.

Losses Create Need for Cyber-Insurance

Some cyber-attacks can cost a company by thwarting productivity and damaging its reputation, like the JPMorgan attack. Other cyber-attacks seek to steal customer credit card data or a company's intellectual property.

And besides the harm inflicted by the breach itself, companies may need to pay for damage control, especially if customers are affected.

All cyber-attacks inflict losses.

A study by the Ponemon Institute last year found that cyber-attacks cost 56 U.S. companies an average of $8.9 million annually, ranging from $1.4 million to $46 million. The companies reported an average of over 100 cyber-attacks per week, a 42% increase from the previous year's study.

Estimates of the total losses inflicted by cyber-attacks on businesses vary widely, but generally fall in the range of hundreds of billions of dollars.

Security software company Symantec Corp. (Nasdaq: SYMC) estimated the global cost of cyber-attacks at $388 billion in 2011.

Corporate leaders have taken notice. A recent survey of 258 executives taken by insurance giant American International Group Inc. (NYSE: AIG) revealed that 85% were very or somewhat concerned about cyber-attacks, and particularly about income loss (82%), property damage (80%), and securities and investment risk (76%).

"It's becoming a C-suite problem," John Gambale, head of Professional Liability & Lexington Financial Lines at AIG, told CNBC.

Insurance Companies Winning Cybersecurity Dollars

The pronounced concern among executives is making cyber-insurance a relatively easy sell.

In a Deloitte survey of business executives taken last week, 58% said they expected to increase spending on cybersecurity in the next year and 79% said they lacked faith in their current cyber-defense measures.

The biggest opportunity may be with small and medium businesses, as they face similar threats but many haven't gotten around to buying cyber-insurance yet.

And a joint study by the U.S. Secret Service and Verizon Communications Inc. (NYSE: VZ) showed 72% of all data breaches happened to small and medium-sized businesses and cost an average of $5 million per attack.

Dozens of insurance companies should benefit from this trend.

Some of the major players in cyber-insurance include AIG, The Chubb Corp. (NYSE: CB),The Travelers Companies Inc. (NYSE: TRV), CNA Financial Corp. (NYSE: CNA), Marsh & McLennan Companies Inc. (NYSE: MMC) and Hartford Financial Services Group Inc.
(NYSE: HIG).

Some companies have already seen huge increases in sales of cyber-insurance.

Maria Treglia, chief sales officer at Program Brokerage Corp., a division of privately held HUB International, told CNBC that cyber-insurance sales at her company had increased tenfold in the past year.

And such sales leaps could continue for years.

According to a recent survey by Chubb, 65% of public companies still don't have cyber-insurance, even though a quarter of the respondents said they expected a cyber-attack on their company within the next year.

"That's cyber-insurance in a nut shell," Jacob Olcott, a principal with Good Harbor Consulting's cybersecurity team, told The New York Times. "Everybody needs it, and most companies don't realize they don't have it until it's too late."

Related Articles and News:

[epom]

Recommended