Cyber insurers are seeing increased demand from cities and municipalities as a result of recent high-profile cyber incidents, said a panel of experts speaking on Advisen’s quarterly cyber risk trends 2018 Q2 webinar.
In just the past few weeks, for example, two municipalities in Alaska were essentially shut down due to cyberattacks, and earlier this year Atlanta was subject to a ransomware attack that impacted many of its critical municipal systems.
“Municipalities and public entities are very much low-hanging fruit for hackers,” said Brad Gow, global product leader at Sompo International. “In terms of information, they are a pot of gold. They have mortgage documents, deeds, birth and death certificates, medical records, and military discharge records,” among other information.
One challenge for municipalities is decentralization, multiple entities running different operations with different exposures.
For example, “You have a county or city, or combined county and city, that runs a transit operation, an airport, schools, a library, and real estate revenue operations for writing permits and collecting taxes,” said Erin Walters, national practice advisor, technology, privacy & network risk at USI Insurance services.
“There are so many different components within municipalities, you really have to look at everything and where the potential loss may be,” said Walters. “If they are shut down for a period of time where is your loss going to be? Where is your extra expense going to be? What’s your loss of income going to be if you cannot operate?”
Budget considerations of municipalities also present challenges.