Remarks made during a CRN debate that cyber-insurance is "not worth the paper it's written on" have been blasted by an insurer working in that part of the market.
Reseller bosses came out strongly against cyber-liability insurance during a panel session at the recent CRN/Channelnomics Online Security Summit, which you can register to view here.
Marty Legg, cloud services director at SecureData, branded cyber-insurance - a market now estimated to be worth well over $2bn (£1.3bn) annually - an "immature way" of dealing with cyberthreats. Meanwhile, Garry Sidaway, senior vice president of security strategy at NTT Com Security, dismissed it as "not worth the paper it's written on". Sidaway has since expanded on his viewpoint in an opinion piece for CRN.
Graeme Newman, director of CFC Underwriting, which bills itself as a pioneer of this class of insurance in the London market, got in touch with CRN to say he was "gobsmacked" by the comments, which he read in our original story.
"I find the comments by Garry and Marty somewhat disturbing," he said.
"Would the providers of home alarm and security systems tell their customers not to purchase home insurance? Their equivalent argument would be that home insurance just pays for your financial loss but can do nothing to replace the sentimental value of lost items."
Newman (pictured below) added: "It doesn't matter whether you're covering cyber-risks, physical property or general liability - neither risk management nor insurance work in isolation, nor does one substitute the other. There is no way that the cyber-insurance market would come out and say 'don't buy any security technology, just get yourself a cheap insurance policy'. It is obvious to all involved that insurance is not seen as a substitute for risk management, but the two are designed to go hand in hand."
These views do not appear to be entirely inconsistent with Sidaway's, however, with the NTT Com Security chief arguing in his comment piece this week that insurance should never be considered "without having a robust strategy for preventing security breaches in the first instance".
Lior Arbel, chief technology officer at Performanta Ltd, another IT security consultancy, also had reservations about the growing use of cyber-insurance, saying it "ignores that the damage from a cyberattack goes far beyond specific infrastructure or hardware damages".
"The full effect of a cybersecurity attack could involve not only the loss of precious data, and the loss of trust, but also result in irreparable reputational damage with customers. Priority for budget must therefore be in technologies and strategies to prevent the cyberattack in the first place," Arbel said.
During the CRN debate, Legg described cyber-insurance as an "interesting new shoot" of how firms deal with cyberthreats, but argued it is a "very odd way of dealing with it".
"It's not particularly expensive and they feel all of a sudden I've got another tick in the box," he said. "But I feel it is an immature way of dealing with it. But I don't underestimate it..."
Sidaway then chimed in, demanding "you ask Sony about cyber-insurance!", arguing that, unlike car insurance, it is tough to quantify what exactly is being covered.
"So for me, it's a difficult one to justify," he said. "I understand why people are going that way but when it comes to a breach, or an incident, it's really not worth the paper it's written on."
Symantec contributes $400m to Broadcom's revenue
'Three of the directors had COVID at the same time' - how this security VAR battled the pandemic and is back in growth mode
After a rollercoaster few months, with three of its directors falling ill, Saepio has seen revenue double in July and August
Remote working tech expected to get boost from ongoing pandemic
Cybersecurity provider saw sales rise 41 per cent in last fiscal year
Canalys forecasts that overall security market will grow by 2.5 per cent this year even under a 'worst case scenario'
Vendor giant appoints new regional directors across UK and Ireland, Southern Europe, Nordics and DACH regions
UK-based partners also named as among first resellers to join vendor's new certified deployment programme
Is jacking it all in to follow a dream worth it? CRN catches up with six former channel bosses to find out....