As the cyber market matures, it’s increasingly evident that fighting off cyberattacks is going to be an ongoing team effort. Brokers, carriers, cybersecurity organizations and insureds all play a role, from security to training to assessing adequate coverage.
According to the latest Cyber Insurance Outlook report from Arctic Wolf, the risk of cyberattack has become a part of daily operational concern for many organizations. Yet growing awareness of how organizations can protect themselves from attacks and loss still poses a challenge to the insurance industry.
Seventy percent of insurance professionals responding to this most recent survey (77% of brokers and 63% of carriers) expect the number of new cyber claims to increase, mainly because of steadily growing threat activity.
The Cyber Coverage Gap
One figure the Arctic Wolf report highlights is the discrepancy between cyber coverage figures provided by brokers and those supplied by businesses. While brokers estimate 47% of organizations have the coverage they need, 65% of responding organizations claim they are covered in the event of a cyberattack.
The report hypothesizes that businesses are unaware of the extent of their coverage or what specifically is needed. This 20% gap could represent an opportunity for brokers to reassess clients’ needs and make recommendations for additional protection and mitigation.
Insurers may also initially reject clients for cyber coverage because they have inadequate security controls in place (26%), lack financial stability (21%) or can’t supply the insurer with enough information (21%). While brokers are most likely to reject a client because of financial instability (23%), carriers are more likely to ding potential insureds for missing security protocols (32%).
Cautious Cyber Claimants
In the past year, 12% of clients with cyber insurance made claims, with ransomware accounting for 18% of those claims. Other common claims included data breaches, theft of funds and phishing incidents, including business email compromise.
However, clients who make claims may find that their rate increases because of a claim (66%) or that they face increased scrutiny during the renewal process (56%). Seven percent reported that they were asked to implement additional controls as a condition of renewal, which could include additional training, upgraded security, or other measures.
Insureds may also have claims rejected because they fall outside the terms of their policy (25% of rejections), their coverage was less than the total claim (19%), the incident fell below the client’s self-insured retention (18%), the incident failed to disclose risk on the client’s application (17%), or the incident was deemed gross negligence.
Fear of higher rates and cancellation drives some insureds to ignore issues that don’t seem to pose a significant financial, security, or “worst case scenario” threat, the report said.
And prices are increasing, with 53% of insurers saying they have seen an overall increase in cyber insurance rates in the last 12 months.
Proactive Protections
North America is considered the global leader in the cyber insurance market. Insurance brokers in North America are more likely to offer both cyber risk control tools and services (73%) compared to the global market (68%). North American brokers are also more likely to have a designated cyber practice (49%) than global counterparts (43%).
However, only 45% of organizations in the North American region have the necessary cyber coverage compared to higher rates in some European countries. Regulatory requirements in places like the U.K. and Ireland incentivize organizations to mitigate cyber risk, with cyber insurance serving as a part of those strategies.
Globally, cyber insurers are proactive with their clients to mitigate damage and loss, with 71% of insurance brokers partnering with cybersecurity providers to better serve clients, while 94% offer ongoing assistance or support to clients.
The majority (69%) also offer in-house cyber risk control tools and services, with 45% charging separately for these services. Another 25% of insurers refer clients to certain cyber risk vendors, with about half of those (12%) negotiating pre-arranged discounts or terms with the vendors.
Topics
Trends
Cyber
Interested in Cyber?
Get automatic alerts for this topic.
