Latest Trending
Last Updated, Nov 15, 2022, 10:30 AM
Hot Market for Cyber Insurance Begins to Stabilize


The market for cyber insurance has begun to stabilize after a surge in ransomware attacks in recent years propelled a steep rise in premiums, observers say.

Cyber insurance can pay ransoms to hackers who lock company technology systems, or it can help offset the cost of responding to data breaches. Now, the premium increases of recent years seem to be slowing, if not halting entirely, as insurers get better at evaluating risks, new market entrants begin offering coverage, and supply and demand assert themselves.

“Things are looking better,” said Jason Krauss, head of North America cyber product coverage for insurance brokerage

WTW.

“It’s amazing, right, that I would tell you that a 20% increase [in premiums] isn’t bad. But it’s seen as a good thing.”

The cyber insurance market has been going through a “hard” period, according to industry insiders, with rising premiums and less flexibility from insurers in terms of offerings. Premium prices on average rose more than 34% in the fourth quarter of 2021, according to data from the Council of Insurance Agents & Brokers, and some businesses have reported far steeper rate increases.

“It was painful,” said Kristen Peed, director of corporate risk management at professional services company

CBIZ Inc.

and a board member of the risk management society RIMS. Some colleagues in risk-management saw increases as high as 200%, Ms. Peed said.

“We’ve had two painful renewal years with increasing deductibles, restrictions and…increases in prices,” she said. 

The insurance itself remains relatively niche—insurer

Munich Re Group

estimated the global value of cyber insurance premiums at $9.2 billion at the outset of 2022, compared with hundreds of billions of dollars spent in the U.S. alone for commercial insurance, according to the Insurance Information Institute—but events spurring premium increases have become familiar. 

The 2021 attack against Colonial Pipeline Co. led to a $4.4 million ransom payment, one of several recent multimillion-dollar ransomware attacks. U.S. financial institutions flagged ransomware-related transactions totaling more than $1 billion last year, a stark increase from previous years, according to Treasury Department data. But that is a figure barely scratching the surface of the crime’s economic scale, experts say.

With higher payouts by insurers came premiums rising at steeper rates. “It was kind of nasty there for a little bit,” said

Robert Parisi,

North American head of cyber solutions for Munich Re. He described a hockey stick-like rise in premium pricing over the past two years. The increases mark a correction for premiums, which for years were arguably too cheap, he added. 

“The underwriting is aggressively moving toward, ‘How can we get a deeper, more insightful look,’” Mr. Parisi said. Meanwhile, prices, while not dropping, are rising less quickly than in recent years, he noted.

Insurance companies have toughened underwriting standards that come with issuing new policies and have begun reviewing the defenses companies are putting up to thwart cyberattacks. Companies are asked about their cybersecurity systems and may have their arrangements with popular cloud hosting companies examined, Mr. Parisi said.

Businesses have tightened security, with phony phishing emails to test for inattentive workers and multifactor authentication becoming commonplace. And more organizations are prepared to respond to insurers’ questioning, said Brent Rieth, U.S. practice leader for cyber solutions at broker

Aon

PLC. “They have more appropriate controls in place,” he said.

New underwriting demands haven’t been welcomed by businesses trying to get insurance, however. “Across the board, our clients have been lamenting on the new requirements that need to be met to be insured or even reinsured,” said Richard Peters, a cybersecurity expert and a managing director at consulting firm Berkeley Research Group.

For small and midsize clients, enhanced demands are costly and time-consuming. Insurers have expected some to conduct expensive security risk assessments, Mr. Peters said.

Roberta Sutton, a partner with Potomac Law Group who advises businesses dealing with insurance companies, said all her clients have been asked to complete more detailed applications for ransomware insurance. 

Some businesses have opted against the insurance, said Ed McNicholas, co-leader of the cybersecurity practice at the law firm Ropes & Gray LLP. But not all companies can, as some must have cyber insurance to work with partners, Mr. McNicholas said. Proposed government regulations around breaches could also drive businesses to turn to insurance companies to unload some risk, he said.

Stricter underwriting, somewhat lessened demand, and more carefully crafted insurance policies are all likely contributing to lower prices, which observers generally are hopeful will fall further. 

But insuring evolving cyber risks remains challenging, because cyber insurance providers don’t have much actuarial data for such risks, and even if they did, it probably wouldn’t be “terribly insightful,” Munich Re’s Mr. Parisi said.

“We’re all worried about ransomware now and rightly so,” he said. “The cyber insurance community has to be fairly nimble and flexible in how it looks at risk.”

Write to Richard Vanderford at Richard.Vanderford@wsj.com

Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8

24World Media does not take any responsibility of the information you see on this page. The content this page contains is from independent third-party content provider. If you have any concerns regarding the content, please free to write us here: contact@24worldmedia.com

Latest Post

Common Mistakes When Using Athletic Field Tarps

Last Updated,Jun 5, 2024

High-Performance Diesel Truck Upgrades You Should Consider

Last Updated,May 14, 2024

Warehouse Optimization Tips To Improve Performance

Last Updated,May 6, 2024

Fire Hazards in Daily Life: The Most Common Ignition Sources

Last Updated,Apr 30, 2024

Yellowstone’s Wolves: A Debate Over Their Role in the Park’s Ecosystem

Last Updated,Apr 23, 2024

Earth Day 2024: A Look at 3 Places Adapting Quickly to Fight Climate Change

Last Updated,Apr 22, 2024

Millions of Girls in Africa Will Miss HPV Shots After Merck Production Problem

Last Updated,Apr 18, 2024

This Lava Tube in Saudi Arabia Has Been a Human Refuge for 7,000 Years

Last Updated,Apr 17, 2024

Four Wild Ways to Save the Koala (That Just Might Work)

Last Updated,Apr 15, 2024

National Academy Asks Court to Strip Sackler Name From Endowment

Last Updated,Apr 12, 2024

Ways Industrial Copper Helps Energy Production

Last Updated,Apr 11, 2024

The Ins and Out of Industrial Conveyor Belts

Last Updated,Apr 10, 2024