Network World reports on cyber insurance policies. While an attractive safety net for companies handling data, the policies don't always cover as much of the costs resulting from a data breach as some originally had hoped. Heartland Payment Systems discovered this after its 2008 breach, for example. Larry Ponemon, CIPP, of the Ponemon Institute says policies tend to "have limitations and constraints similar to act-of-God provisions, and that has created a lot of uncertainty about what is covered and what the risks are." Another expert notes that an organization's cyber insurance application may be accepted, but that doesn't mean that the insurance offered will be worth having. Editor's Note: The IAPP recently hosted a Web conference on Evaluating Cyber Liability Insurance. The archive is available on our website.
If you want to comment on this post, you need to login.