New Challenges in the Cybersecurity Insurance Market| December 19, 2022
Cybersecurity insurance is an innovative concept for many small businesses, having only been created in the 1990s. It was initially developed to provide protection for bigger corporations including data processing errors and online media coverage.
Since then, the policies for this type of liability insurance have been revised. Today’s cyber security policies provide financial coverage for typical costs associated with a data breach such as resolving malware intrusions and maliciously accessed accounts.
Cybersecurity insurance policies will cover the costs for things like:
- Notifying users about a breach
- Recovering compromised data
- Repairing systems
- Providing personal identity monitoring
- IT forensics to investigate
- Legal expenses
- Ransomware payments
2021 set a staggering record for the most data breaches ever, and statistics show that in just the first quarter of 2022, these cyberattacks have increased by an astonishing 14% from last year.
Unfortunately, no one is safe—even small businesses are targeted and often experience more severe losses than larger enterprises. In fact, studies suggest that around 60% of SMBs close down within 6 months after a digital security incident occurs.
As the cyber danger intensifies and data breach expenses continue to rise, so too must businesses adjust their cybersecurity insurance policies. The industry is in a constant state of flux; therefore it’s essential for companies to stay informed about these surges if they wish to remain protected from potential threats.
Here are some of the cyber liability insurance trends you need to know about.
Demand is Going Up
As data breach costs balloon, hovering around an average of $4.35 million globally and a staggering $9.44 million in the U.S., more people are turning to cybersecurity insurance as their go-to solution for protecting themselves from financial losses associated with breaches.
Corporations of all kinds are recognizing the significance of cyber insurance. It is just as essential to their business as liability coverage. Without it, they risk crumbling in an instant if a single data breach occurs – something that can happen without any warning at all. So why take this chance? Investing in cyber insurance is not only smart but necessary for companies looking to stay afloat and remain competitive today.
With demand increasing, look for more availability of cybersecurity insurance. This also means more policy options, which is good for those seeking coverage.
Premiums are Increasing
As the number of cyberattacks continues to climb, insurance companies are struggling to keep up with staggering payouts. As a result, premiums have been raised in order to cover these costs. In 2021, cyber insurance premiums rose by a staggering 74%.
To prevent taking a loss on cybersecurity policies, insurance carriers have been raising their rates. As the costs of lawsuits, ransomware payouts and other forms of remediation increase, so does the need for these plans – meaning they are becoming both more expensive and essential at the same time.
Certain Coverages are Being Dropped
As insurance companies become more selective in their policies, it’s becoming increasingly difficult to obtain coverage for certain risks. For instance, many insurers are now withdrawing coverage for “nation-state” attacks that originate from a government entity.
Many governments have ties to known hacking groups. So, a ransomware attack that hits consumers and businesses can very well be in this category.
In 2021, 21% of nation state attacks targeted consumers, and 79% targeted enterprises. So, if you see that an insurance policy excludes these types of attacks, be very wary.
Another type of attack payout that is being dropped from some policies is ransomware. Between Q1 and Q2 of 2022, ransomware attacks increased by 24%.
Fed up with clients lacking protection and expecting insurance payouts for ransomware, various carriers are now excluding those from their policies. This leaves organizations in the lurch, having to bear the burden of ensuring that their backup and recovery processes have been thoroughly planned out.
It’s Harder to Qualify
If you’re looking for cybersecurity insurance, qualifying isn’t easy. Insurance providers are getting stricter and stricter with their requirements, steering clear of any businesses with a subpar cyber hygiene regimen. Don’t be fooled into believing that obtaining coverage is guaranteed — it’s essential to firmly understand the qualifications before pursuing an insurance policy.
Some of the factors that insurance carriers look at include:
- Network security
- Use of things like multi-factor authentication
- BYOD and device security policies
- Advanced threat protection
- Automated security processes
- Backup and recovery strategy
- Administrative access to systems
- Anti-phishing tactics
- Employee security awareness training
Completing lengthy and comprehensive questionnaires is often obligatory when obtaining insurance. Questions regarding your cybersecurity setup will likely be included, so it’s wise to engage the services of an IT professional to assist you with this process.
All this effort for cyber insurance can be overwhelming. As you answer the questions, your IT partner will help identify risk-reduction measures which may reduce premiums – similar to other forms of insurance. By taking protective steps before an incident occurs, you are more likely to pay lower rates.
Undertaking a cybersecurity review ahead of obtaining cyber insurance is an investment worth making. It will not only save you time and money, but it can also significantly enhance your defenses against malicious attacks.
Need Help Making Sense of Cybersecurity Insurance?
Cybersecurity coverage and insurance applications can be complex. If you answer wrong on a question, it can mean paying hundreds more in premiums than you should.
If you’re considering cybersecurity insurance, don’t go it alone. Schedule a consultation and we can explain the policy details and provide guidance.