You are leaving risk-strategies.com
By accessing this link, you will be leaving Risk Strategies website and entering a website hosted by another party. Please be advised that you will no longer be subject to, or under the protection of, the privacy and security policies of Risk Strategies website. We encourage you to read and evaluate the privacy and security policies of the site you are entering, which may be different than those of Risk Strategies.
Cyber insurance has undergone continuous change over the past decade and evolved into one of the most complex and important coverages an organization can have in their toolbox. The cyber insurance market is challenging and volatile, however, with enterprise-wide adoption of proper protocols, an organization can weather the storm.
Initial protection for cyber-related risks was covered by “silent” cyber coverage buried in other insurance policies such as property, general liability, professional liability and/or kidnap & ransom.
As businesses’ reliance on technology grew, insurance carriers gained awareness of cyber-specific risk and silent cyber coverage were replaced by standalone cyber policies.
When standalone cyber insurance was first introduced insurers largely saw the revenue potential and focused on gaining market share. This created a competitive environment with overly broad policies and competitive pricing. What insurers may not have fully appreciated, or priced in, was how large and expensive cyber losses could be.
In recent years, as threats and incidents escalated so did cyber claims—in the form of more frequent and larger loss payments. Threat actors have been relentless as gains from their endeavors have increased. Insurers are taking corrective action on their portfolios by increasing premium rates, increasing retentions, adding restrictive language and carefully underwriting risks.
Growing Threats and Issues
The following issues are driving industry-wide change.
Looking Ahead: A Reason for Optimism
Despite hardening market conditions in 2020-2021, there is reason to believe that rates may soon start to plateau for insureds who meet the carriers' standards and display ongoing cyber security efforts. In the fourth quarter of 2021, there was a slowdown in ransomware attacks. At the same time, many businesses were better educated about potential threats and implemented controls to mitigate such incidents. However, for businesses that do not meet the minimum standards or make the necessary investments, cyber insurance may no longer be a feasible option.
The stability of the market could be quickly derailed by a large-scale systemic event or the current Ukraine and Russia conflict.
Stay Informed, Stay Alert
The future of risk in the cyber landscape will require businesses to institute best practices, which will continue to change, and to continually educate themselves and their employees.
Any business that purchases cyber insurance should utilize the onboarding process with their carrier in order to understand the services at their disposal. By working closely with their broker and carrier, businesses can get the most out of their policy.
Stay informed, stay alert and stay tuned.
Want to learn more?
Connect with the Risk Strategies Cyber Risk team at cyber@risk‐strategies.com
Throughout 2022, Risk Strategies experts are exploring the evolving nature of risk in-depth, exploring predictions and considerations across industries. Join us as The Future of Risk series continues.