The second annual cybersecurity survey from research and consultancy firm Ovum, for Silicon Valley analytics firm FICO, found that the number of Indian firms with cybersecurity insurance was 82 percent. This places India second, behind only the UK across the 11 countries surveyed. However, the number of firms reporting comprehensive coverage sits at about half (48 percent) showing there is still a level of risk taken by business in India.
“It is very encouraging to see the high uptake of cybersecurity insurance across India,” said Vishal Goyal, country manager for India at FICO. “India has a well-developed IT sector and is on the front-foot with this issue. The data breaches in India in the past 12 months have continued to have an impact on local businesses, so there is recognition that insurance plays an important role in risk mitigation and is an important consideration to minimizing disruption.”
Last year, a study by the Ponemon Institute investigated the cost of data breaches to Indian companies and discovered that in 2017 the average total cost increased 12.3 percent, the size of breaches increased 6 percent and the loss of existing customers increased by 4.3 percent.
When FICO’s respondents were asked if they felt their insurance premiums were based on an assessment that accurately reflected their risk profile, 44 percent of firms said yes. Only 17 percent said firms said premiums were based on an inaccurate analysis, 32 percent said they were based on industry averages and 7 percent on unknown factors.
Indian telecommunications firms were the most likely to have cybersecurity insurance – 80 percent had insurance while 60 percent reported it as comprehensive to their level of risk. This compares well to financial services, where 40 percent of firms have comprehensive coverage.
“Indian companies are clearly leading the way when it comes to the take-up of cyber-insurance, with almost half having a comprehensive policy and a further one-third with at least some cover,” said Maxine Holt, research director at Ovum. “Around two-thirds of surveyed organizations in India either use software to give a breach likelihood score, or use an external agency to carry out risk assessments.
Ovum conducted the survey for FICO through telephone interviews with 500 senior executives, mostly from the IT function, in businesses from the UK, the US, Canada, Brazil, Mexico, Germany, India, Finland, Norway, Sweden and South Africa. Respondents represented firms in financial services, telecommunications, retail and ecommerce, and power and utilities.
In July, FICO announced that it is offering free subscriptions to the Portrait portal of the FICO® Enterprise Risk Suite, which gives businesses access to their FICO Cyber Risk Score. The score, a machine learning-based cybersecurity rating service, can show organizations how business partners and cyber insurance underwriters see their network security, and can help them benchmark their performance.