What Cybersecurity Insurance Trends Should You Be Aware Of

The increased quantity and intensity of cyber security breaches in recent years have resulted in substantial changes in the cybersecurity insurance industry. The existing market in the cyber insurance sector has always been seen as “soft” because it was relatively simple for businesses to get coverage at cheaper costs. However, the increased cyber dangers and the exponential growth of ransomware assaults in the previous year induced a “hardening” in the industry.

With the rise in the frequency of significant cyber-attacks and losses, public awareness of digital vulnerabilities also grew. However, much effort still needs to be put in to enhance cybersecurity because progress has been modest thus far. There needs to be (more) proper enlightenment of employees by professional IT services and stricter security measures must be put in place. 

What Can Be Done?

Many more trends will emerge in the coming years and knowing them would help companies to plan better and establish more secure security protocols and insurance policies. 

Here are some cybersecurity insurance trends that everyone needs to be aware of:

Reduced Coverage Limits

Increased monitoring and prices by insurance companies are reducing the quantity of coverage accessible to businesses. Whereas it was typical for a midsize corporation to have as much as $9 million in coverage in the past, most carriers will likely only give that same company $5 million or less. 

In particular, insurers are less likely to grant a higher coverage limit if a company is assessed to be at high risk. Some might even pass on the coverage altogether. Similarly, with the rising premium rates, some businesses are deciding to cut their coverage in exchange for less expensive insurance. All of these are inducing a downward move in coverage limits. This is not a fluke. A cyber insurance company (Marsh) recently stated that 23% of its clients initiated a voluntary or involuntary decrease in coverage.

In addition to reduced coverage, several insurers are re-evaluating coverage for specific cyber catastrophes such as ransomware.

Increasing Premiums

Premiums refer to the amount consumers must pay for their insurance coverage. In the US, increases have been significant. The premium increase in September 2021 was 174%. However, this is actually reasonable. It is similar to vehicle insurance pricing. 

If an individual has a driving record that possesses many accidents and other high-risk events, they will need to pay more than someone with a lower risk profile. In cybersecurity insurance, the insurance company leverages the likelihood of a payout to mitigate risk.

The growth in cyberattacks has effectively made insurance companies judge all businesses unfairly. Insurance firms lower their exposure and make it easier to be stable in an unpredictable cyber world by raising rates.

Increased Focus on Cybersecurity Keenness

The interest of insurers in a company’s risk history grows in tandem with the number of claims submitted. Insurers like to avoid large claims. They also want to post profits at the end of the day. As a result, insurers are pushing firms to improve their cybersecurity readiness by answering more questions and providing more data about their risk management history. For example, insurers are questioning firms about their incident response plans, history with breaches and frequency of conducting risk assessments of their current cybersecurity.

Tighter Terms and Exclusions 

As demand for cyber insurance increases, its supply reduces as insurers and reinsurers reassess their risk tolerances. The sector has grown less profitable as the number of cyber incidents and claims filed has increased. 

As a result, insurers are concentrating more on risk selection, asking more questions and requesting more paperwork to assess organizations’ cyber strategies. One way insurers are reacting is by requiring applicants to meet stricter security controls. 

Many insurers are enforcing multi-factor authentication (MFA) in addition to other measures such as incorporating end-point detection and response solutions and consistent cybersecurity awareness training. Some other measures are privileged access management, secured and encrypted backups and business continuity and incident response planning. 

Insurers also rely on supplemental apps that can put together an organization’s inherent risks (such as the characteristics and effects of previous ransomware attacks and high-profile cyber breaches). Insurers are collaborating more closely with cybersecurity experts during these investigations to better identify where cyber risks exist in a business setup. 

Firms that do not submit the required documents and/or do not have the necessary measures in place may ultimately be denied coverage. Other options are facing higher premiums and/or reduced coverage limits to compensate for their potential extra risk.

Sound Computers Is Here to Meet Your Cyber Security Needs

Operating out of Westbrook, Connecticut, Sound Computers is a managed IT company offering IT solutions to small, medium and large companies. We ensure your cybersecurity setup is as tight as ever and offer our services around the clock. 

You can book your free consultation here.
October 25, 2022
Sound Computers Admin