According to the Council of Insurance Agents & Brokers, cyber insurance premiums grew more than a quarter (25.5 percent) during the second quarter of 2021. This was mostly due to ransomware attacks.
The increases stand well above the 17.4 percent increase witnessed by umbrella insurance and an average of 8.3 percent growth across all premiums (figures that are already well in excess of inflation rates in most countries).
Cyber insurance has become a popular option for businesses. This form of insurance generally covers a business’ liability for a data breach involving sensitive customer information. This type of information may include Social Security numbers, credit card numbers, account numbers, driver’s license numbers and health records.
Mary Roark, VP of cybersecurity strategy at Accedian has some thoughts on cyber insurance and companies’ overreliance on it.
Roark tells Digital Journal: “Although there is a rise in cyber insurance, there is also an over-reliance on it. Companies often believe that they will be safe from a cyberattack’s financial implications, but in reality, to be able to avail its benefits they need to prove they weren’t negligent anywhere.”
This means that firms need to think twice about what their premiums are covering and what they can do about it anyway.
Instead, it might be more prudent to invest the insurance premiums into cybersecurity solutions, or at least pairing up technology with the right type of insurance product. As Roark notes: “This can be tricky unless they have made smart investments in cybersecurity tools and technologies that help build cyber resiliency.”
Such solutions include evaluating first and third-party risks associated with IT systems and networks across a business, as well as assessing the potential events that could cause first or third-party risks to materialise. After this the suitability of the controls that are currently in place can be made and recommendations made for improvement, including the types of security systems needed to boost defences.
She warns that only with the technological back-up will the insurance option work, noting: “With this foundation, cyber insurance can truly help protect their business.”