Companies continue to buy cyber insurance policies

0

Despite rising cyber insurance premium costs and changing coverage areas, companies are still researching and renewing their policies, experts tell Axios.

The big picture: Cyber ​​insurance provides financial assistance following a cyberattack to help cover ransom payments or the costs of rebuilding data storage systems. But as the attacks increased, the high prices increased.

  • Additionally, to compensate for growing financial losses, some vendors have changed the attacks they cover.
  • Between 2019 and 2021, total cyber insurance premiums in the United States more than doubled, from $1.6 billion to $3.2 billion, per a Fitch Ratings report.

Brokers tell Axios they haven’t seen companies’ appetite for cyber insurance diminish, despite changing requirements and coverage.

  • Marc Schein, a risk management consultant at Marsh McLennan Agency, tells Axios that customers continue to buy cyber insurance plans despite rising costs.
  • The policies still help companies deal with two of the most prevalent types of criminal cyberattacks: ransomware and corporate email compromises, which include phishing emails and outright takeovers of senior executives’ inboxes. , Schein said.

At a time, experts say that on high premium days increase are over – fending off fears that companies will abandon insurance before premium costs get out of reach.

  • Cyberinsurers have struck a “balance” in their pricing and underwriting strategies, says Mario Vitale, president of cyberinsurance firm Resilience.
  • Suppliers averaged a 65% loss rate last year, down from 72% the previous year, according to Fitch Ratings.

To reduce losses, Insurers have turned to a few strategies: requiring stricter cyber hygiene practices from potential buyers and changing the cyberattacks covered by these policies.

  • Lloyd’s of London, the largest insurance marketplace in the world, recommended in a bulletin last month that its insurer groups exclude all state-sponsored cyberattacks from coverage in their policies.
  • Chris Hallenbeck, CISO of cybersecurity firm Tanium, says Axios cyberinsurers ask his company more specific questions about the personal data it collects and its overall cybersecurity practices before approving a policy renewal.

Yes, but: Some companies still seem to be rethinking their cyber insurance needs.

  • Hallenbeck warns that rising cyber insurance rates could be “a major driver” for companies dropping coverage.
  • JPMorgan Chase has reduced the amount of cyber insurance it buys, Information reported last month.

Sign up for the Axios Codebook cybersecurity newsletter here.

Editor’s note: This story has been updated to remove a reference that 63% of Marsh USA customers said they plan to keep their cyber insurance policies. This number actually refers to the number of customers who increased their self-insured retention in the month of April.

Share.

Comments are closed.