Insurance broker Howden has released a report examining today’s cyber insurance market, one it says is being driven by rampant ransomware attacks, higher rates and shifting regulation.
Declaring a ‘digital pandemic’, Howden says ransomware is now the predominant cyber threat confronting businesses of all sizes, with 170% more attacks having taken place during the end of 2020 than the year before.
Howden also notes how US companies that decided to pay a ransom in 1Q21 likely paid 400% more than they would have in 2019.
Meanwhile, the average cost of ransomware remediation globally increased to $1.85 million in 2021, from $700,000 in 2020; average remediation costs across a number of major markets, including the United States, now exceed $2 million.
Howden points to the proliferation of accessible and relatively low cost ransomware kits, or ransomware-as-a-service (RaaS), combined with new tactics involving the encryption and publication of stolen information, otherwise known as double extortion, as factors driving up the frequency and severity of attacks.
As a result, Howden’s report posits that global cyber insurance pricing has increased by an average of 32% year-on-year in June 2021, on the back of a 50% rise since data tracking began.
Regardless, Howden categorises cyber’s flourishing in size over a five year period as significant, with the market witnessing a doubling of Gross Written Premium since 2016.
A similar rate of expansion is predicted for the global cyber market over the next few years, which would see that figure approach $20 billion by 2025.
“Cyber risk has undergone multiple episodes of change and development in its relatively short history, but nothing quite so impactful and fundamental as the events over the last year,” said Shay Simkin, Global Head of Cyber, Howden.
“COVID-19, and all of its attendant effects on technology adoption and cyber security, combined with independent or connected changes to the loss environment, has added a big dose of complexity into an already complicated risk landscape.”
Simkin added that the cyber insurance market is currently driven by a demand and supply imbalance which shows no sign of relenting any time soon.
“Claims are up, capacity is down and underwriting profitability is, at best, under pressure,” He said.
“The impact on insurance buyers is stark; the importance of being prepared for a cyber attack has never been clearer.
“With insurers now demanding markedly higher cyber security standards before deploying capacity, businesses need analytical solutions designed specifically for them, combined with focused, expert intermediation to help them secure the coverage that meets their needs.”