The Big Problem In The Cybersecurity Insurance Industry

The Big Problem In The Cybersecurity Insurance Industry

The cybercrime industry is rapidly growing. The number of cyberattacks is continually on the rise, and each subsequent attack proves to be more sophisticated and have adverse effects on businesses. According to Cybersecurity Ventures, the global cybercrime cost is predicted to grow by 15% per year over the next five years, reaching 6.1 trillion US dollars by 2021 and 10.5 trillion US dollars by 2025.

The year 2020 presented businesses with new challenges when it came to their cybersecurity. With the onset of the COVID-19 pandemic, businesses were faced with scaling down their operations, cutting down costs, lower profits, and the looming possibility of a complete shutdown. Organizations were also forced to shift their operations to the internet and embrace remote working. This new way of working, uncertainty, and confusion led companies to lose focus on their cybersecurity, and cybercriminals capitalized on this.

2020 Data Breaches Point To Cybersecurity Trends For 2021

According to Iomart, large-scale data breaches grew in frequency and intensity in 2020, with the number of breaches increasing by 273% in the first quarter of the year, compared to the same time in 2019. Deloitte has also reported a spike in email phishing, ransomware, and malware attacks as malicious attacks used COVID-19 as bait to impersonate brands. Beazley also reported an increase of 25% in ransomware attacks in the United States during the first quarter of 2020 compared to the last quarter of 2019.

With these statistics, it’s only logical for a company to invest in cybersecurity insurance to protect itself against cyberattacks. Cybersecurity insurance is designed to help you mitigate your losses when you experience various cyber incidents ranging from data breaches, network damage, and business interruption. But what if the sector is suffering from a slow death?

What’s The Problem In The Cybersecurity Insurance Sector?

According to Statista, cybersecurity insurance premiums are predicted to be valued at 20 billion US dollars worldwide by 2025. This is proof that the cybersecurity industry is rapidly growing. Or is it?

It appears that the momentum that has driven the industry is slowly running out. Although at its infancy, there are signs that the cybersecurity insurance industry has hit a plateau. What might likely be the cause of this stunted growth?

  • Although the number of cyberattacks continues to rise, more companies are buying less or not buying cybersecurity insurance since the economic strain as a result of the COVID-19 pandemic has caused them to view cybersecurity insurance as a luxury.
  • Cybersecurity insurance providers are wary of providing covers, and reinsurers are becoming less interested in backing cybersecurity liabilities.
  • Additionally, there is no record of historical data loss, increasing the sector’s unpredictability for all parties involved.

All these problems boil down to one root problem — there might not be enough money in the cybersecurity insurance industry.

The Cybersecurity Insurance Industry: An Unestablished And Expensive Industry

The challenge most organizations have is determining how much cybersecurity insurance they need. If it’s difficult for the buyers to figure out their exposure to cyber risks, how much more difficult would it be for insurers to understand demand?  It appears that the few years that cybersecurity insurance enjoyed immense growth weren’t enough to establish a sense of how much insurance organizations need. In fact, most organizations either don’t have enough cybersecurity insurance or any insurance at all.

The Number Of Cyber Insurance Claims Is Growing Faster Than The Number Of Policies: According to research by PSC Global Cyber, despite cyberattacks becoming more frequent and severe, insured firms with covers of at least 200 million US dollars only account for approximately 20% of what is believed to be 5 billion US dollars in global cybersecurity insurance premium. That is roughly 1.1 billion US dollars in premium. We already know how volatile the cyber environment is. With approximately 250 companies in this group, it would only take four insured losses of above $200 million to erase an entire year’s premium and likely take decades for insurers to earn back those losses.

Costly Cyber Insurance Claims Could Lead To Higher Premiums In 2021

Let’s consider the 40 companies with covers of at least 500 million US dollars; only two losses above that amount would wipe out a year’s premium and likely take half a century to recover from those losses. Even for the 500 companies with coverage worth 100-199 million US dollars, it would only take a handful of losses to erase the 1.44 billion US dollars in premium.

In the cybersecurity insurance industry, it appears that the pricing is low while the risk is high. There is no way this sector can continue to grow at its previous aggressive rate. On this basis, it may seem that it’s not worth it for insurers to provide protection for cybersecurity risks — leading to a shortage of cybersecurity insurance.

What Should Businesses Do?

For companies worried about their cyber risks and cyber insurance availability, the ideal course is to have a plan and shift their thinking. Instead of looking at your insurance as a yearly issue, you need to think about your needs.

Yes, you should still invest in cyber insurance, in part to help the sector grow, but you need to also look for alternative ways to cover your potential exposure. Buy a cover that you can currently afford and top it up with self-insurance mechanisms that range from carrying extra capital to cater to future cyberattacks by creating specific risk-financing activities that work like insurers. Over time, you may add to those partial programs, outplace self-insurance for external protection, and add to your overall insurance program.

About LeadingIT

LeadingIT offers 24/7, all-inclusive, fast, and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.