As cybersecurity risks intensify, insurance companies are doing their best to adapt. However, staying a step ahead of hackers is proving to be an ongoing and often uphill battle, creating issues for insureds, insurers and reinsurers. Here we’ll take a look at cybersecurity trends impacting the insurance industry, how insurers are adapting and what’s ahead.
“The lack of historical loss data [in the cybersecurity insurance market] (resulting from the sector’s short history) adds another layer of unpredictability for all involved.”
Source: Harvard Business Review.
Meeting the demands of the market
Industry experts have concerns that the increase in cyberattacks could increase the demand for insurance coverage and create a supply problem. According to the Harvard Business Review, this is pushing insurers to become overly cautious when offering coverage for certain new business risks, and could also result in an increase in non-renewals that could further reduce capacity.
An informational disadvantage
The cybersecurity liability market may not be new, but in many ways, it is still in its early stages. This has challenged insurers, as there is a lack of historical claims data in the cybersecurity market from which to draw when assessing, pricing and placing risks. As more losses are incurred in the cyber liability space, we may see more insurers reducing or withdrawing coverage in sectors where they haven’t been profitable.
Growth in ‘bring your own device’ risks
COVID-19 may have initially prompted more employees to work remotely, but it’s clear that this trend isn’t going away anytime soon. With no way of predicting that these new working arrangements would become “the new normal,” insurers that provide cyber liability insurance now find themselves sitting on ongoing risk exposures — primarily due to employees using their own devices and networks to conduct company business. These arrangements have insurers looking at how they can better accommodate these and other developing cybersecurity risks for employers that have elected to adopt hybrid work models.
So, what’s next?
In light of the growing threat of cyberattacks, more businesses this year are taking it upon themselves to adopt a zero-trust architecture when it comes to their cybersecurity requirements. According to Analytics Insight, “[These security capabilities] will be based on the principle of ‘Never trust, Always verify’ (i.e., treat every user, device, application, workload, and data flow as untrusted).”
“Increased automation of [company] data can [help] eliminate risk points and better support a zero-trust strategy.”
Source: Analytics Insight.
Reinsurance News notes that the increase in claims due to ransomware attacks has also prompted significant advancements in underwriting. This includes viewing cybersecurity risks from the attacker’s perspective in order to better understand how and where risks are occurring.
“The cyber insurance industry has evolved significantly over the last 12 months deploying rate changes, coverage restrictions and more robust underwriting practices.”
Source: Reinsurance News.
The influx of cybersecurity risks that initially prompted the insurance industry to provide businesses with a wide spectrum of cyber liability insurance, has the industry facing new challenges. And while this shouldn’t be a cause for alarm, agents should be aware of the changes to come so they can better advise their clients.
Need to complete your insurance continuing education credits before the end of the year? FastrackCE can help you get all your life and health and property and casualty continuing education credits done in one place and at your convenience. We offer online courses in most states, covering a broad range of topics, including most of the state-mandated courses such as ethics, flood, long-term care and annuity training.