The annual Information Security and Cyber Risk Management study from Zurich North America and Advisen indicates that 86% of respondents now have cyber insurance, up 3% from 2021 and the highest percentage in the history of the survey, though increasing premiums and restrictions for cyber coverage have created frustration for some business leaders.
Zurich notes that such findings suggest that CEOs, CIOs and risk managers are increasingly grasping the threat that cyberattacks pose to their businesses, customers and the economy.
Though it adds that comments in the survey also reveal gaps in understanding of the drivers of insurance rates and restrictions and the role that risk mitigation actions play in the ability to access coverage at an affordable price.
Michelle Chia, Head of Professional Liability and Cyber at Zurich North America, commented, “Our latest survey shows that many respondents recognise cyber threats and claims have increased in frequency and severity, but some business leaders struggle with the extent of the impact on insurance costs, policy terms and risk selection.
“What’s clear is that cyber resilience is critical to business resilience. Carriers, distributors, risk managers, IT professionals, governments and employees everywhere need to work together to strengthen cyber resilience in this fast-evolving risk landscape.”
The study also found that 93% of respondents said they expect Data Breach and Cyber Extortion/Ransomware coverage to be included in cyber insurance policies, followed by Data Restoration at 87% and Business Interruption at 75%.
81% of respondents reported having cyber incident response plans in place, but less than 60% test these plans regularly, says Zurich.
54% of respondents who experienced a claim reported it to their cyber insurance carrier. More than 70% recouped costs from their cyber insurance carrier, while a portion of the claims are still in process.
Chia concluded, “While there’s more to be done, it’s encouraging to see organisations taking steps to shore up their cyber resilience.
“Insights from this survey present the opportunity for insurance carriers and brokers to provide continuing education on the shifting cyber risk environment and mitigation techniques. Those responsible for managing cyber risk can refer to this survey’s insights to help gain organisational support for additional investments to enhance cyber resilience and access to insurance coverage.”
Zurich adds that the survey was completed chiefly by 353 risk managers, insurance buyers and other risk professionals.
The majority classified themselves as either a chief risk manager or the head of a risk management department, a different member of a risk management department, a chief information security officer or chief privacy officer, or other executive, such as a CIO, CFO or CEO.
