Businesses using technology for compliance reasons are likely to find the lack of cyber attack data makes risk management and insurance more complicated.
Speaking to Businessesinsurance.com, Tim Stapleton, assistant vice president and product manager of professional liability at Zurich North America in New York, said that the shortage of information available about data security breaches makes risk management decisions a challenge.
He explained that as few organizations are willing to publish reports about their own data breaches, most companies are dependent on general statistics provided by the Ponemon Institute and Verizon Communications.
"A lot of insurers are not willing to put their cards on the table when it comes to how much is spent [on cyber attacks]", so chief financial officers "are not getting the benefit of that information", Mr. Stapleton said.
New research by Harris Interactive of 3,400 employees in the US, UK and Australia found that a significant proportion would be comfortable passing on their employer's or client's private data.
Posted by Paul Newman