The British government has partnered with the private sector in an effort to ensure that cyber insurance becomes part of companies' IT security measures, to help manage the risk faced from data breaches.
UK Cabinet Office Minister Francis Maude - who is responsible for Britain's cyber security strategy - said the initiatives were part of the government's long term economic plan to make the UK "one of the safest places in the world to do business online."
While insurance wasn't a substitute for good cyber security, Maude said it formed an important addition to a company's overall risk management.
"Insurers can help guide and incentivise significant improvements in cyber security practice across industry by asking the right questions of their customers on how they handle cyber threats," Maude said.
A report by the government and Marsh insurance brokers uncovered a large awareness gap when it comes to cyber insurance protection.
More than half of chief executives believed their companies were covered by insurance in some form, when in actual fact less than 10 percent of British companies were protected, the report found.
An estimated 81 percent of large British businesses, and 60 percent of smaller companies suffered one or more cyber security breaches last year, according to the report.
Furthermore, the number of security incidents are steadily rising, and the report recommended that businesses review how they manage cyber risk.
This would include having a board-level individual responsible for cyber risk, a coherent recovery plan and the use of stress testing to confirm an organisation's financial resilience against cyber threats, the report suggested.
Insurers should include the UK government's Cyber Essentials certification for IT security best practice as part of their risk assessment, the report recommended.
The report writers also suggested that more data pooling between insurers should also take place to better develop pricing models and coverage for policies.
.JPG&h=271&w=480&c=1&s=1)
