Demand for cyber insurance has surged in light of recent high-profile attacks including a breach at entertainment retailer CeX which compromised the details of up to 2 million people, according to a leading expert.

Belfast-based Willis Insurance and Risk Management (Willis IRM) said it had experienced a 50 per cent hike in demand over the past year.

The CeX breach resulted in personal data including names, addresses, phone numbers and email addresses being stolen by criminals.

Encrypted data from now expired credit and data cards dating from before 2009 were also taken.

Leslie Dick, Management Risks Client Director, Willis IRM
Leslie Dick, Management Risks Client Director, Willis IRM

Willis IRM Management Risks Client Director Leslie Dick said the incident and others had acted as a wake-up call to firms:

“This attack on CeX is clearly a major breach given the numbers of customers affected. However, it could have been much worse had the company not ceased storing credit and debit card information in 2009.

“It also leaves other organisations vulnerable as many of the personal details used by customers will mirror those used elsewhere meaning those who stole the data may be attempting to use it, for example at financial institutions, to carry out further fraudulent activity.

“It followed several other high-profile incidents including the WannaCry attack in June which crippled thousands of computers in hospitals across the UK and in firms and public bodies in more than 150 countries worldwide.

“What both incidents show is that a wide range of businesses are vulnerable to cyber attack, from smaller firms to large multinational corporations and public bodies.”

It is estimated the worldwide cyber insurance market is worth around £3 billion in premiums annually but analysts believe this could reach more than £15bn by 2025.

Leslie added:

“The industry has already experienced significant growth in the past year as reports of cybercrime become increasingly prominent.

“We have seen the number of clients taking out cyber insurance policies increase by 50 per cent since 2016. Enquiries have picked up again following the CeX breach.”

He said the costs of cyber attacks to businesses could be considerable:

“A UK government survey put the average cost of attacks to small businesses at between £65,00 and £115,000 while for larger firms, the cost is typically between £600,000 and £1.15m.

“These costs will only rise as the amount of information stored and transferred electronically continues to increase.

“No business could ever be fully protected against cyber attack but seeking robust insurance cover can provide protection for the effects such as extortion costs, system reinstatement and other costs resulting from regulatory issues raised by a breach of personal data.”

Willis IRM is hosting a free cyber crime seminar, covering both proactive and reactive solutions for businesses, at the new Titanic Hotel, Belfast on 5th October.