My House Is My Castle, and It’s About to Get Stormed

Does cybersecurity begin at home? It appears the answer is yes, at least for high net wealth individuals, as seen by insurance giant AIG. AIG just announced that it is offering cyber insurance to its high net worth personal lines insurance clients. The insurance product will be offered to policyholders of AIG’s Private Client Group who are victims of threats including cyber extortion and cyber bullying.

What will AIG’s clients get under this insurance? Well, according to an article in Insurance Journal, the insurance will cover expenses related to data restoration, and crisis and reputation management, among other claims. In addition, “AIG’s Private Client Group clients receive supplemental risk mitigation services, including a holistic assessment of devices, home networks, wireless access points and secure online accounts; training services for family members; online monitoring that assesses and tracks the availability of personal information; and a set of cyber assistance tools and resources including assistance from experienced fraud experts, provided by the identity and data defense specialist, CyberScout.”

It would seem that effectively evaluating risk posed to high net wealth individuals would be a bit daunting, but other insurance providers, including Chubb and HSB, are already in the home market, and we can expect that market to grow as smart, connected homes become ever more prevalent. We are introducing risk and becoming both more attractive and potentially vulnerable with each new device we add.

So, should you be looking at cyber insurance for your home? Here are some suggestions courtesy of the Wall Street Journal.

Does a service offer protection beyond what I’m already getting? Individuals who keep most of their money in bank checking or savings accounts and use credit cards generally are at less risk…because banks and credit-card issuers typically offer protection against liability for fraud. People with investment accounts should ask advisers and brokerages whether they offer written guarantees that clients will be made whole after a breach. Just 15% of broker-dealers and 9% of advisers have such written policies, a Securities and Exchange Commission survey found.

How much do I have to lose? For people with several million dollars’ worth of liquid and investible assets, the cost of extra security would be negligible…. But even for those with less money, any loss might feel painful, so people should make sure their funds are protected either by the Federal Deposit Insurance Corp., which protects deposits in checking, savings and money-market accounts, or a written policy from the investment firm.

Do I handle valuable financial data or intellectual property? A company executive or the founder of a startup who accesses financial or other sensitive information on a personal device or home computer may be a target. The concern is that hackers may target these types of individuals for their intellectual property or company details, and then make away with personal information while worming through their networks.

Not unlike insurance offerings aimed at the business market, in the end the best value of the home market offerings might lie in the way they offer the ability to strengthen home security defenses and educate people about cybersecurity realities and best practices. Risk reduction is the name of the game.

By Tom Davis, SDI Cyber Risk Practice

April 11, 2017

active