Cyber liability insurance provides businesses with a combination of coverage options to protect their organization in case of data breaches and other cybersecurity issues. Coverage has become an important consideration for most small- to medium-sized businesses as cybercrime rates have increased exponentially in this segment. According to NPR, there were 7 ransomware attacks every hour in the United States in 2020, a number that is expected to increase.
In 2019-2020, the average global cost to remediate a ransomware attack was $761,106 (Sophos 2020). To mitigate the immediate and long-term costs associated with a breach, many companies are looking to cyber liability insurance. But, in 2021, GadellNet clients are experiencing changes to their insurance renewal process, adding significant time and increased due diligence.
What is driving these changes? In August, Cyberscoop dug into the changing landscape of cyber liability insurance. We’ve identified three factors impacting coverage for small businesses.
Traditional insurance forecasting and modeling techniques are insufficient for cyber coverage. A lack of historical data, which insurance companies traditionally use to set and determine coverage rates, has required unprecedented collaboration across a highly competitive insurance industry. In fact, in June, seven large insurance companies announced they were joining forces to combine data collection and analysis resources under a new organization
Cyber insurance needs pose a unique challenge to established insurance coverage algorithms. For example, cybercrimes aren’t subject to variability across geography like in the case of earthquake insurance. In addition, to date, providers have focused on privacy metrics like number of files or level of protection used. Increasingly though, business interruption costs are proving to be a more substantial need in coverage. All these unknowns will continue to keep cost-coverage mix a moving target.
The increase in claims compared to the increase in premiums is putting profitability for insurers at risk. Recently, AIG announced their cyber liability premiums had increased 40% over the last year. Although the proportion of existing clients opting for cyber coverage rose 46% in 2020, the percentage increase in attacks is still outpacing the increase in premiums. This indicates that providers have yet to find the formula for success.
The jury of industry observers is still out on whether providers will acclimate to the risks/costs or will abandon cyber liability offerings.
Renewal requirements are increasing. To address these concerns, many insurance providers are more thoroughly examining prospective policyholder’s security safeguards. With ransomware now accounting for 75% of all cyber insurance claims, they are requiring increased security protocols, like Multi-Factor Authentication, as a condition of coverage. These stricter safeguard requirements for policyholders could bolster the company’s defenses but could also make it more difficult for small businesses to meet coverage thresholds.
As the insurance landscape continues to evolve, one thing is certain, it’s important to have solid security protocols already in place to protect your organization. To see how we can help you drive your business, talk to your account manager or learn more here https://gadellnet.com/security-consulting/.