Feeds

Anti-Hacking premiums 25% higher for Win NT

Third party, firewall and theft

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

An insurance policy against hacker-inflicted damage costs 25 per cent more for companies using Windows NT.

This is because "there are so many security holes in Microsoft products", John Wurzler, of Wurzler underwriting managers, told us today.

Wurzler's stance could be a little unfair - security is far more dependent on how well the infrastructure is designed and set up rather than the products used to build it, we argued.

Wurzler concedes this point but says his company has to charge premiums based on an insured organisation's turnover, the probability of an attack and the chances of success of an attack.

And the interesting thing is that such policies are available in the first place. Wurzler has sold insurance policies of between $5,000-$25,000 and, so far, the highest pay-out has been $200,000

Firms are being encouraged to guard themselves against the effects of a hacking attack on their business by taking out insurance.

Managed security service firms and insurance brokers are developing forms of cyber-insurance that cover Web site security breaches and virus attacks, which are not covered by general insurance business policies.

With the cost of hacking and security breaches put at $378 million in 2000 (according to a recent FBI-backed survey) it seems to make sense to use insurance as a way of managing risk.

Insurance policies, which are available through security firms like Counterpane Internet Security and insurance brokers Wurzler, are generally offered in tandem with a thorough security audit.

The introduction of security insurance policies, and we'll leave it to you to read the fine print on policies and decide which you prefer, could have important implications - if it influences customer purchase decisions on security technology or even operating system. ®

External links

Wurzler
MIS Corporate Defence's insurance policy
... and a policy from Counterpane Internet Security
Computer Security Institute and FBI2001 Computer Crime and Security Survey

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.