The cyber insurance sector has been tested recently with growing ransomware attacks, rising premiums, and more sophisticated threat actors, but that isn’t necessarily scaring insurers away, according to a 2022 Cyber Insurance Market Trends report from Panaseer.
“Despite the considerable pressures, our research shows it’s not enough to make insurers exit the market,” the report said, finding that even if the current rate of cyber attacks remains the same, 84% of respondents said they’d continue to offer cyber insurance over the next three years.
Panaseer is a continuous controls monitoring platform for enterprise security. It gathered feedback for this survey from 400 decision makers in cyber insurance, with respondents split evenly between the U.S. and UK. The online survey was conducted by Censuswide between May 25, 2022, and June 1, 2022.
The survey found that while insurers may not be shying away from the cyber insurance market, some policyholders could be as cyber insurance pricing continues to show significant rate increases. Marsh’s Global Insurance Market Index for 2022, cited in the report, found that cyber insurance rates increased 110% in the U.S. for the first quarter of 2022. The majority of insurers in Panaseer’s survey expect cyber premiums to continue rising over the next two years.
“This is leading to a growing trend for self-insuring, where organizations set money aside to cover themselves should they suffer a breach,” the report said.
Ransomware is challenging the industry — attacks increased by 93% in 2021, according to Panaseer’s research. Its survey found the average ransomware payout over the past two years was around $3.5 million in the U.S., contributing to a 27% increase in the cost of ransomware claims over that time period.
Survey respondents cited the increasing sophistication of threat actors and the rising cost of ransomware attacks as the two factors that have had the most significant impact on cyber insurance premiums.
Another factor cited by 35% of survey respondents as having an impact on cyber insurance premiums is the inability to accurately understand a customer’s security posture.
Among U.S. respondents in the cyber insurance industry, 95% believe it’s important for the industry to develop a consistent approach to analyzing a customer’s cyber risk using accurate security metrics and measures. Similarly, 89% of insurers believe it would be valuable to have direct access to customer metrics and measures proving the status of their security controls.
In a previous Panaseer survey of 1,200 security leaders, the company found that all respondents would be willing to demonstrate the strength of their cyber program to cyber insurers with data-driven metrics if it meant they could reduce their cyber insurance premium.
Was this article valuable?
Here are more articles you may enjoy.