Cyber Insurance - State of the Market

The state of cyber insurance is complex, with premiums increasing and coverage limits decreasing. With the potential cost of cybercrime set to rise, businesses need to carefully evaluate their cyber insurance options to ensure that they have adequate coverage.

March 8, 2023

In today's digital age, cybercrime has become an ever-present threat to businesses of all sizes. Cyberattacks can result in data breaches, financial losses, reputational damage, and operational disruption. To protect themselves against these risks, more and more companies are turning to cyber insurance. However, the state of cyber insurance is complex, with premiums doubling year over year since 2020 and coverage limits coming down significantly.

According to the Blackberry State of Cyber Insurance 2022 report, 85% of respondents saw an increase in their cyber insurance premiums over the past 12 months and most reported double-digit rate hikes. Another Blackberry source cited within the report highlights that 81% of businesses are either uninsured or underinsured. This means that businesses may not have coverage or sufficient coverage to protect themselves against the costs associated with a cyber incident.

Wendy Nather, who leads Cisco's Advisory CISO team, coined the term "Cybersecurity Poverty Line" (CPL) to describe a level of cybersecurity that is beyond the reach of small and mid-sized companies, and surprisingly, even some government entities. The CPL not only refers to the ability to afford cybersecurity solutions but also the capacity to hire and retain staff that can support and maintain them.

In the U.S., only 11% of SMBs and 47% of large enterprises have cyber insurance coverage, and just 19% of those have coverage of more than $600,000. These interrelated data points reveal the widespread inability of organizations to rise above the CPL obtaining a level of cyber defenses necessary to lower their risk profile and thus qualify for cyber insurance coverage. The CPL is a stark reminder of the urgent need to bridge the cybersecurity gap and ensure that organizations of all sizes have access to the resources they need to protect themselves against cyber threats.

The cost of cybercrime is staggering. The Cybersecurity Ventures report estimates that cybercrime is projected to result in damages of $8 trillion in 2023 and $10 trillion by 2025. The IBM Cost of a Data Breach 2022 report states that the average cost of a U.S. data breach is $9.44 million, $5.09 million more than the global average with the U.S., holding that lead position for a 12th year in a row. With cybercrime becoming increasingly sophisticated, the potential costs of a cyberattack are only set to rise.

Despite the increasing prevalence of cyberattacks, not all experts agree that cyber insurance is a wise investment. In an article published on CSO, the author argues that cyber insurance can create a false sense of security and that many policies contain exclusions that could leave businesses exposed. The Insurer reports that Lloyd's, one of the world's largest insurance marketplaces, has started to exclude state-sponsored cyberattacks from their coverage, further reducing the value of cyber insurance policies.

The state of cyber insurance is complex, with premiums increasing and coverage limits decreasing. With the potential cost of cybercrime set to rise, businesses need to carefully evaluate their cyber insurance options to ensure that they have adequate coverage. While cyber insurance can provide valuable protection, it is important to be aware of the potential limitations and exclusions of policies before investing in them.

__________________

About Marius:

Marius is a cyber risk advisor and insurance broker that partners with cybersecurity providers to distribute premier cyber insurance to enterprise customers.

- Interested in becoming a Distribution Partner? - Click Here to connect with our business development team to set up an introductory call.