Skip to main content

Bure Valley Group is an investment brokerage business which links successful investors with exciting, innovative UK startups seeking funding. This content is for information purposes only and should not be taken as financial or investment advice.

Everybody’s talking about cybersecurity. Yet what about the insurance aspect, which is vital for helping address things when they go wrong? After all, cyber breaches are still commonplace and will likely continue into the future.

With new technology comes new solutions to people’s problems, but also unforeseen loopholes which malicious individuals, companies and software can exploit. Indeed, in March 2020 alone, data breaches and cyber attacks totalled 832 million records in the midst of the COVID-19 outbreak and lockdown – precisely at the point when many businesses are already on their knees. The total could even be higher, given that it can take over 100 days to discover that a cyber breach has even occurred.

This is where cyber insurance steps in. It’s a form of cover designed to protect a business from unforeseen data breaches, cyber hacks and similar threats in the digital age. In this article, our investment team here at Bure Valley Group explores how the relationship between cybersecurity and insurance impacts investors, and how this is likely to evolve in the near future.

For more information, or to enquire about our latest projects and funding, you can reach us via:

+44 160 334 0827
[email protected]

The future of common cybercrimes

One important question on investors’ minds is the sustainability of cyber insurance. After all, if technology can eventually reach a point where breaches and hacks are almost unheard of, then perhaps cyber insurance has no long-term future. Alternatively, cybersecurity could also evolve at such a pace that loopholes become increasingly impossible to identify and address, leaving companies even more vulnerable to attacks. As such, cyber insurance could become more limited, expensive or possibly unviable.

Here at Bure Valley Group, we do not envisage a near-term future where cybercrime outpaces cybersecurity, or where digitally-based threats are completely eradicated. The near-equilibrium we see in 2020 seems likely to continue for a while. Cybersecurity is here to stay; as are the actors and software which seek to subvert it. This leaves an important continuing role for cyber insurance, which can help companies repair at least some of the damage from attacks such as:

● Hacking. This refers to the partial or total possession of a computer or part of its systems and/or functions. Here, the goal of the attacker is generally to attain sensitive data such as passwords, personal data and financial information.
● Ransomware. Here, malicious code or software intercepts a company’s computer system and encrypts the data. This makes it difficult, if not impossible, to access and/or interpret your own data. The attacker will then hold your data to ransom, demanding a certain payment or asset in exchange for its return.
● Malware. This type of cyber threat involves the installation of malicious software on your company’s computer systems. It might occur through a simple, innocent action by an employee such as opening a malicious link in an email on a work computer. Once the software installs itself, it can spread to other company computer systems and allow external actors to spy on the organisation, stealing data and other assets.

The impact upon the cyber market

Whilst there doesn’t appear to be a great asymmetric relationship between cybersecurity and cybercrime, it certainly true that cyber threats are on the rise and that attacks are becoming more varied and sophisticated. Advances in technology have led to more code exposed to attack, and the limited capacity of global law enforcement makes it difficult to identify and apprehend hackers who do not necessarily limit themselves to national borders. This situation is likely to lead to two possible outcomes in the cyber market in the coming years.

The first sees cybersecurity firms increasingly unable to “keep up” with the inventive methods of cyber criminals. The second sees growing difficulties in a company’s efforts to quantify the cost/benefit of a cyber strategy, as well as the damage that a cyber breach could cause. In either case, cyber insurance is poised to step in and address these uncertainties, helping companies ascertain an appropriate cyber budget and resource allocation plan. There are at least three reasons for this:

1. End goals. Quite simply, both the insured and cyber insurance companies want the same outcome – to ensure cyberattacks are thwarted.
2. Leverage. Cyber insurance companies are likely to improve the offering of cybersecurity firms. This is because the existence and interests of the former apply pressure upon the latter to be measured by their ability to reduce cyber threats and risks.
3. Data. As the cyber insurance industry grows providers are only going to acquire more data, including proprietary information. This increasingly enables insurers to collect data which minimises cyber threats such as company details, company demographics, technology solutions and practices and, crucially, actual losses.


Both cybersecurity and cyber insurance are fascinating, growing industries with exciting opportunities for investors. As long as the internet exists, they are both likely to increase in importance in future years as the need for threat minimisation persists.

If you are a successful investor looking for EIS investment opportunities, or if you are a business owner looking for funding, then we’d love to hear from you. Get in touch today to start a conversation with our team, and discuss some of the great investment memorandums we have available:

+44 160 334 0827
[email protected]