Cyber Trends: Cyber Security Insurance Market Update

With the wide variety and frequency of threats online, cyber insurance providers are asking all the hard questions before they write new policies. How is your private information transmitted and stored? Do you have risk assessment and business continuity plans? Cyber security can be confusing. So can cyber security insurance. 

Cyber security insurance is still a pretty new concept for many small to medium businesses (SMBs). It was initially introduced in the 1990s to provide coverage for large enterprises. It covered things like data processing errors and online media. Since that time, the policies for this type of liability coverage have changed. Today’s cyber insurance policies cover the typical costs of a data breach. Including remediating a malware infection or compromised account.

Cyber security insurance policies will cover the costs for things like:

• Recovering compromised data
• Repairing computer systems
• Notifying customers about a data breach
• Providing personal identity monitoring
• IT forensics to investigate the breach
• Legal expenses
• Ransomware payments

Could Your Business be Targeted Next?

There’s no such thing as too much protection. Data breach volume and costs continue to rise. 2021 set a record for the most recorded data breaches on record. And in the first quarter of 2022, breaches were up 14 percent over the prior year. 

No one is safe. Even small businesses find they are targets. They often have more to lose than larger enterprises as well. About 60 percent of small businesses close down within six months of a cyber incident.

The increase in online danger and rising costs of a breach have led to changes in this type of insurance. The cyber security insurance industry is ever-evolving. Businesses need to keep up with these trends to ensure they can stay protected.

Let’s take a detailed look into some of the cyber liability insurance trends you need to know about.

Higher Demand

You don’t get a competitive edge in business by keeping pace or reacting to the latest trend. You need to be proactive and have the infrastructure to quickly and efficiently adjust to any change. The same is true for your cyber security insurance.

Globally, the average cost of a data breach is currently $4.3 million. In the U.S., it’s more than double that, at $9.4 million. As these costs continue to balloon, so does the demand for cybersecurity insurance.

Companies of all types are realizing that cyber insurance is critical. It’s as important as their business liability insurance. Without that protection, they can easily go under in the case of a single data breach.

With demand increasing, look for more availability of cyber security insurance. This also means more policy options, which is good for those seeking coverage.

Higher Premiums

Insurance carriers aren’t willing to lose money on cyber security policies, so the costs for these policies are getting more expensive.

With the increase in cyberattacks, there has also been an increase in insurance payouts. Insurance companies are increasing premiums to keep up. In 2021, cyber insurance premiums rose by a staggering 74 percent. The costs from lawsuits, ransomware payouts and other remediation have driven this increase. 

Reduced Coverage Options

Certain types of coverage are getting more difficult to find. For example, some insurance carriers are dropping coverage for “nation state” attacks. These are attacks that come from a government and many governments have ties to known hacking groups. What exactly does this mean for SMBs? 

Unfortunately, a ransomware attack that targets consumers and businesses can very well be under the “nation state” category and no coverage will be provided. Why is this a big deal? In 2021, it was reported that 21 percent of nation-state attacks targeted consumers, and 79 percent targeted enterprises. If you see that an insurance policy excludes ransomware attacks, be very wary.

Insurance carriers are tired of unsecured clients relying on them to pay the ransom after an attack. Many carriers are excluding ransomware payouts from policies. This is why it’s imperative for business leaders to ensure their backup and recovery strategy is properly developed.  

How Hard Is It to Qualify for Cyber Security Insurance?

Just because you want cybersecurity insurance, doesn’t mean you’ll qualify for it. Qualifications are becoming stiffer. Insurance carriers aren’t willing to take chances; especially on companies with poor cyber hygiene.

Some of the factors that insurance carriers look at include:

• Network security
• Use of remediating tactics like multi-factor authentication
• BYOD and device security policies
• Advanced threat protection
• Automated security processes
• Backup and recovery strategy
• Administrative access to systems
• Anti-phishing tactics
• Employee security training

You’ll often need to fill out a lengthy questionnaire when applying for insurance. This includes several questions about your cyber security situation. It’s a good idea to have your IT services provider help you with this.

Need Help Making Sense of Cyber Security Insurance Policies?

It can feel very daunting when trying to qualify for cyber insurance. At SkyTerra, we understand that most companies don’t have an in-house cyber security expert. That’s why we’ve created this simple two-page cyber security questionnaire to help you gather all the info you need to identify any potential security enhancements that need to be made.

Just like other forms of insurance, if you take steps to reduce risk, it can often reduce your premiums. It pays to do a cyber security review before applying for cyber insurance. Want to save yourself time and money? Contact us today or book a meeting to fortify your defenses against cyberattacks.