The organization feels that this coverage is required for better EU IT security.
The European Network and Information Security Agency (ENISA) has released a report that claims that the European Union is in dire need of significant improvements to its cyber insurance marketplace in order to encourage companies to better protect their data and information systems.
The report showed that the current EU marketplace is lagging behind the United States.
It pointed out that there are only a small few insurers that are even offering cyber insurance, and that they are almost insignificant when compared to the 30 or 40 carriers selling these products in the U.S.
The agency has also suggested that if the European marketplace for these specialized products was in better condition, then the IT security would be greatly improved, both for individuals as well as businesses.
It indicated that cyber insurance providers would help to solidify current standards for IT security.
It also said that these insurers would then be able to lower the premiums that would be charged to companies that were conforming with those standards. The ENISA report said that “If a company can show that it has adopted a set of practices generally considered by the community to be worthwhile things to do with respect to cyber-security, then this will reduce information asymmetries and better demonstrate to the market that the firm takes security seriously.”
With a reduction in the premiums, it would be easier to encourage businesses and individuals to use IT security products which have undergone industry testing and certification, instead of those that are marketed well but that are relatively ineffectual in comparison.
The ENISA report stated that this is the opportunity to allow the cyber insurance marketplace to do its part for “overall social welfare”. The organization believes that this goal can be accomplished when the market keeps poor security under control in the private sector, without pushing the cost of that outcome, as well as its liability, back into the public sphere.
The report went on to suggest a number of measures that can be taken by European policy makers to assist in jumpstarting the cyber insurance marketplace among those countries.