Cyber insurance, as Tryg points out in this article, is a growing trend for businesses...and rightly so.  As Mr. Hubbe implies, it will become as common as insurance on buildings and cars.  As important though as it is, it is not going to solve all cyber risk issues.

Companies need to be able to accurately assess their cyber risk, in terms of external factors, such as their market presence, industry, profile and location, as well as internal factors such as the controls they have in place to mitigate cyber risks, how they are adherred to and how they would respond to an incident.  They should be able to gain a concept of the value at risk through cyber, and thus make informed decisions on how to seek additional protection through insurance and other measures.

Not only do these assessment excercises help the internal thinking and protection within companies, it also provides comfort to insurers which may lead to more attractive terms from them.

Therefore, performing an independent and comprehensive cyber risk assessment is something companies of every shape and size should consider, in addition to cyber-insurance.