Just as cyber threats continue to evolve, the role of cyber insurance will also evolve in the new year. Cybercriminals are constantly shifting tactics and methods of attack, so cyber insurers and companies must be prepared to pivot quickly. Here are four critical predictions for the cyber insurance market in the coming year.

Increased Regulatory Scrutiny of Cyber Risks and Protections

Cyber security is more than a business hazard; it ultimately threatens society. As a result, regulators will likely step up and become more involved in mitigating and addressing cyber risks. 

One of the most hotly debated issues is the efficacy of paying cyber ransoms. In 2021, U.S. banks processed an estimated $1.2 billion in likely ransomware payments, a threefold increase over the previous year. Several states have already implemented bans to prevent public entities from paying ransoms. While there is no federal law, additional regulations are on the horizon as states and the federal government look to find ways to protect consumers and prevent cybercrime.

More Specialized Underwriting Requirements for Cyber Insurance Policies

As insurance companies deepen their knowledge of various risks facing different industries, underwriting requirements will likely become more sophisticated as they move in tandem with advanced cybersecurity risks.

Instead of leaning on general language around cyber policies, insurers will adjust their approach to be more specific and call out various risks and exclusions. Policies will become more tailored to the individual company, and insurance companies will become strategic advisors rather than service providers. By working closely with companies and businesses to fully understand potential risks, insurance companies are a trusted, forward-thinking resource that more leaders and organizations will leverage.

Escalating Risk of Fraudulent Funds Transfer Claims

Ransomware typically grabs the headlines, but fraudulent funds transfers should not be ignored. This attack averages $90,000 in losses per claim and must be addressed. Fraudulent funds transfers occur when a cybercriminal convinces someone to send money to a bank account the criminal controls. Whether the criminal impersonates a trusted contact or hacks someone’s inbox to request the funds, they initially appear legitimate before requesting the funds be transferred to their account.

One of the key ways to prevent this type of cyberattack is employee training. Educating employees on what to look out for in this situation will make them much more aware of the issue and skeptical of any fund transfer requests. 

Agility Will be Vital in 2023

New and novel cyber threats are constantly around the corner – it’s up to insurers, security experts, and businesses to anticipate and address these possibilities to stay ahead of the curve. The industry predicts new and evolving threats to infrastructure, cloud-hosted environments, operational technologies, and financial platforms. But what these threats look like remains to be seen.

A recent study found that 69% of businesses expected to spend more on cybersecurity in 2022, illustrating that IT and data security is rising on the list of business priorities. With increased investments in security, many businesses will hopefully be better prepared to weather whatever cybersecurity storm is ahead, but it’s challenging to prepare for a threat when you don’t know what form it will take. Businesses, insurers, and data security professionals must be ready to be nimble and decisive to tackle up-and-coming threats before they strike.

2023 Will be the Year You Get a Cyber Insurance Policy 

In just a few minutes, eSpecialty can provide you with multiple cyber insurance quotes from top insurance carriers, all online. If you have questions about your cyber insurance needs, get in touch with us for a conversation about your business and what type of coverage is right for you. Our team has the expertise to walk you through potential risks and how your policy can help mitigate potential cyber threats. What are you waiting for?