Insurance Underwriter Charges Extra To Insure Windows NT Against Hacking

ZDNet is reporting on an insurance carrier who charges higher premiums for hacker insurance to clients running Windows NT than clients running Unix or Linux. J.S. Wurzler Underwriting Managers is an underwriter that provided hacker insurance to companies looking to guard against the expense of being hacked. According to the ZDNet piece, Windows gets hacked more:

J.S. Wurzler Underwriting Managers, one of the first companies to offer hacker insurance, has begun charging its clients 5 percent to 15 percent more if they use Microsoftis Windows NT software in their Internet operations.

"We saw that our NT-based clients were having more downtime" due to hacking, says John Wurzler, founder and CEO of the Michigan company, which has been selling hacker insurance since 1998.

Wurzler said the decision to charge higher premiums was not mandated by the syndicates affiliated with Lloydis of London that underwrite the insurance he sells. Instead, the move was based on findings from 400 security assessments that his firm has done on small and midsize businesses over the past three years.

About half of his clients use Windows NT, Wurzler said; the rest use Linux or Unix. Given that breakdown, he said itis easy to justify higher rates for NT machines. "Why should a Unix player with fewer vulnerabilities subsidize NT users?" Wurzler asked.

And Wurzleris not through with Microsoft. He said his firm is looking at vulnerabilities in Microsoftis Internet Information Server software, and that it may soon begin charging higher premiums for that product, too.

Microsoftis response in the article:

Microsoft spokesman Jim Desler said the hacker insurance market is still too young to declare Wurzleris move a trend. "Thereis not enough history or business to draw conclusions about rate-setting practices," Desler said. As the market matures, rates are likely to be based on best practices, rather than on platforms or products, he predicted. "We provide unparalleled support in the area of security."

There is much more information in the article that we did not quote, and we recommend it as a good read. Thanks to Observer David Nelson for his help with this article.