Howden’s newest annual report on cyber reveals that higher loss frequency and severity from ransomware have caused such an extreme supply-demand imbalance the average cost of cover is more than double what it was last year.
The report, A Hard Reset 2.0, looks at developments that have shaped the market in the past year – including ransomware trends (and vulnerabilities), risk aggregation, the Ukraine war, economic sanctions and the spectre of cyber warfare – and assesses how the insurance market has performed through this period of flux.
According to the report, the annualised number of global ransomware incidents was up 235% in 2021 compared to 2019, with average US ransom payments rising by 370% over the same timeframe.
Shay Simkin, global head of cyber at Howden, said: “Market conditions remain difficult, but two potential tailwinds may help companies and insurance carriers as this year progresses. The first is off the back of more favourable ransomware trends following underwriting and risk management actions taken in response to increased ransomware frequency and severity. Companies are more resilient to ransomware attacks today than they were this time last year.”
He added: “The second, the war in Ukraine, is a lot more unpredictable, but it appears the conflict has so far dampened cyber frequency further as both warring sides focus their efforts on conventional warfare. This could of course change in an instant – for example, a ceasefire, a large-scale cyber attack, pressure on Russia’s government to find new revenue streams as economic sanctions bite – but for now insurance claims are down compared to last year. All of which raise important questions around the prioritisation and efficacy of cyber operations during wartime.”
Howden said that these dynamics will play out over the rest of the year and will be instrumental in shaping the pricing environment. The most extreme rate increases across the entire market, the firm said, has been in cyber, when it saw average annualised increases of more than 120% in Q4 2021 and Q1 2022.
The firm also said that cyber has been dynamic, reflected in its ability to respond to the invasion by Russia of Ukraine. It said that both countries contain the worst actors for ransomware and while the conflict has seemingly reduced the frequency of attacks in the short term, its very volatility means that it could spark at any time.
And Howden raised concerns over the payment of ransomware demands originating from the Russian state, questioning whether this could be limited by economic sanctions.