|
| Current Newswire:
Penguinista.org: CRACKER Insurance: they're 'crackers,' not 'hackers.'Jul 10, 2000, 21:44 (0 Talkback[s])(Other stories by Brent Toderash) [ Thanks to Brent Toderash for this link. ] "C|Net is running a story today (as is ZDnet) reporting that Lloyd's of London will offer up to $100 million in
insurance coverage to clients of computer-security management firm
Counterpane Security against hacker-related losses to its business
or its customers.
How nice. But naturally, I have a few complaints to make - and here
they come."
"First, let's be clear that this is already old news. Back in mid-February, HP announced that a group of HP users, Interex, had arranged insurance for loss of ecommerce revenue through J.S. Wurzler, and American International Group (AIG) began offering "hacker insurance" in January of this year through Tri-City Brokerage, Inc., but according to the product info, this is now underwritten by Lloyd's." "Besides - and this is the biggie - I question the ability of the insurance industry as it stands to properly underwrite this exposure. Don't forget, you simply can't innoculate yourself against DDos attacks, no matter how much fear they spread... and that's the exact reason you want this coverage, isn't it? For circumstances beyond your control? I'd suggest managing your risk through whatever the IT department comes up with, backed with contract language. Maybe you're asking your provider for an uptime guarantee that is broad enough to include outages as a result of DDos attacks - but if you're the provider, you shouldn't be giving such assurances, because as you recall from a Penguinista report last February, you can't. DDos attacks are the standard motivation for insurance, but remember the phrase, "Well, you weren't cracked, you were smurfed." Related Stories:
|