"The Sept. 11 terrorist attacks, which may cost
insurers up to $40 billion, will further weaken an already ailing
industry. Fewer reinsurers will share the risk borne by insurance
carriers, shrinking the supply of available coverage. That will
almost certainly result in upward pricing pressure on
cyberinsurance - a market the Insurance Information Institute
estimates could generate $2.5 billion in annual premiums by 2005.
"This is the toddler stage of a hard market," said Brian Brown,
Zurich Surety's regional manager for e -business solutions. Large
reinsurers were skittish about cyber-risk coverage long before
global networks were rocked by the Code Red and Nimda worms. And
the reinsurers continue to fear that all of their cyber-risk
clients could get hit by worms - and file claims - at the same
time. The worms are "potentially an earthquake across the entire
Internet. And we underwrite against that," Brown said.
Insurers are also paying more attention to software. This
summer, J.S. Wurzler Underwriting Managers raised premiums by up to
15 percent on clients that use Microsoft's Windows NT or Internet
Information Server. Wurzler found that system administrators who
use open source systems tend to be better trained than those who
use Microsoft. Wurzler's stance was bolstered last week when John
Pescatore, Gartner's research director for Internet security,
advised companies that were hit by both the Code Red and Nimda
worms to quit using IIS immediately and switch to more secure
platforms like Apache."