Telecom and Logistics Associates 

new6.gif (1031 bytes) TLAalert    Security Service 
Translate this page from:  publication: Christian ALT 
  Save Time and Money

TLAnews: Security NEWs Service

 11.7.2000 SecurityHacker Insurance offered by Lloyd's
Lloyd's of London will offer up to $100 million in insurance coverage to clients of computer security management firm Counterpane Security Inc. against hacker losses to their business or their customers.

En français: La Lloyd's offre ue assurance anti-hacker
La Lloyds va offrir jusqu'à 100 million en couverture d'assurance aux clients de l'entreprise de sécurité Counterpane Security Inc. en cas de perte dues aux pirates sur leurs affaires et sur leurs clients. 

Home
Consulting
Tech Doc
FW-1 FAQ
Training
Products
TLAnews
Archive
Advertising
 

TLAnews.com
Information for security concerned people

 
Register to TLAnews letter
English version

Counterpane in its announcement Monday claimed to be the first Internet security service provider to provide a guarantee of direct financial reimbursement in the event a hacker breaks through its defenses and uses customer data. The guarantee is underwritten by insurance brokers Frank Crystal & Co. and SafeOnline, with additional coverage available for purchase from Lloyd's, the world's leading insurance market.

``This is not for your home user, this is for Yahoo!, this is for CDUniverse, which lost all those credit card numbers (to a hacker) in January,'' said Bruce Schneier, chief technology officer at Counterpane. ``It's threat-avoidance. This, along with monitoring, is just another arrow in your quiver.''
Résumé en français
Après l'annonce faite par Counterpane, il s'agirait de la première assurance de ce type selon les dires de cette entreprise.

Il ne s'agit pas d'une assurance pour le particulier mais pour les entrepeises comme Yahoo, CDUniverse. Dans la prestation sont inclus les firewalls, anti-virus et une surveillance constante ainsi que d'autres mesures de sécurité.

Selon les analystes ce nouveau marché peut représenter des sommes colossales, qui iront de paire avec l'extension du commerce électronique. Les assureurs sont néanmoins sur la réserve car ils estiment ne pas avoir d'outils pour mesurer le risque.


Standard computer security includes firewalls, antivirus software that is updated weekly and systems that can prevent the entry of hackers. But experts say much of that software contains weaknesses that can be exploited by enterprising hackers.

The most common forms of unauthorized computer intrusions are still viruses, stolen laptop computers and employees abusing their Internet privileges. But businesses increasingly are reporting more serious incidents, including system penetration from the outside, financial fraud, data network sabotage, or denial-of-service attacks — a deluge of repetitive requests sent to clog a Web site's computers until they seize up.

Various organizations have estimated that hacker attacks this year have cost businesses tens of billions of dollars, mostly in lost time. A study released last week by Jericho, N.Y.-based Reality Research estimated businesses worldwide will lose more than $1.5 trillion this year due to computer viruses spread through the Internet.

Counterpane's Schneier said a $20,000 annual premium will provide coverage for $1 million in hacker losses; the cost rises to $75,000 for $10 million in losses. The price any additional coverage, up to $100 million, must be negotiated with Lloyds.

Some regular insurance policies pay hacker losses under loss-of-business or act-of-vandalism clauses, but there are few policies written to specifically cover hacker attacks. And those that do often carry premiums that start at $100,000 and run up to $3 million.

Analysts say the hacker insurance market is expected to grow to billions of dollars in annual premiums by the end of the decade, reflecting the growing popularity of electronic commerce. But insurers have been reluctant to be the ground-breakers because there currently are no effective tools for measuring the risk.

INSUREtrust.com also assesses security risks, but provides protection only for what it calls ``residual risks.''

IBM and Sedgwick Group PLC, the world's third-largest insurance broker provide products ranging from security reviews to compensation for lawsuits brought by victims of online credit card fraud. And International Computer Security Association, an Internet security company, announced in 1998 it will pay corporations up to $250,000 if hackers successfully crack its computer system.

 
Author information.
Copyright © [Telecom and Logistics Associates Sàrl]. All rights reserved.
Revised: juillet 10, 2000 .

All information provided is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the facts of the particular situation.