The surge in cyber attacks is impacting Cyber Insurance pricing and underwriting now, leading to higher prices for SMBs (small and medium-sized businesses).
According to Corvus (here), ransomware claims have increased 69% in 2023 and now account for 19% of all Cyber Insurance claims. An Insurance Journal article (here) includes a comment from Joshua Motta, co-founder and chief executive officer of insurer Coalition: “The ways of the past no longer work into the future, but never has this coverage been needed more.”
What can we expect in the future? Continued rate increases and tightening underwriting, for sure, but some level of competition as well. The impacts will likely be nuanced as companies continue to improve their cyber security and insurers step up risk assessments.
According to the Insurance Journal article (here) and other sources, we can expect more of the same. Specific changes include:
- Increasing demand: Demand for standalone Cyber Insurance increased 62% YOY, and will continue.
- Increasing rates: Pricing increased dramatically YOY, 15% (here) and will continue to rise.
- Tightened underwriting: Most insurers have tightened underwriting, including one insurer moving to focus on small business.
- Reduced coverage: Insurers are moving quickly to limit coverage for certain types of claims, such as removing any coverage for ransomware extortion payments or limiting coverage for the cyber theft of funds.
- Risk mitigation: Underwriters are expecting insureds to improve their cyber security, and taking steps to ensure that security is actually effective through more thorough underwriting and third party risk assessments.
- Rate of change: Cyber exposures change quickly, and underwriters will move quickly as well in order to keep up with the most recent threats.
Corvus CEO Phil Edmundson noted (here) that they are “monitoring and making active recommendations not just once a year but throughout the year and dynamically.”
What can an SMB do to maintain comprehensive Cyber Insurance coverage at affordable pricing? A few suggestions:
Invest in cyber security: Implement strong cyber security measures, including regular backups, employee training, penetration testing, and timely patching (here).
Insurance: Not only is Cyber Insurance an essential part of your cyber security plan, a comprehensive standalone policy is a better option than add-on coverage in order to get the best available protection (here).
Third party assessments: Some underwriters package valuable risk management tools with their Cyber Insurance coverage. Use these tools to supplement your own cyber security protections.
Use an expert: Work with a Cyber Insurance expert that can thoroughly access markets and provide guidance on coverage and cost tradeoffs.
Try our online Cyber Insurance Quoting Portal for same day quotes. We look forward to working with you!