Cyber Insurance Has a Big Problem

Cyber Threats are now Global in Scale

By all accounts, the geopolitical landscape of the early 2020s is more unstable and less predictable than at any other point in near history. The Russo-Ukraine conflict, trade war with China, and after-effects of a global pandemic all contribute to an increasingly precarious position for the American public and private sectors. One of the largest threats to American business today is global cyber-terrorism which cost the United States nearly $1.8 billion in 2019 and saw a 105% increase between 2020 and 2021, according to U.S. Government statistics. (Source: U.S. Government Accountability Office)

What is Cyber Terrorism?

Cyber terrorism is defined as any technologically-driven attack made with the intent to compromise business operations, information storage protocol, or general corporate/public infrastructure. More often, these attacks are carried out by quasi-national organizations backed by their governments, including Russia and China. Recent examples of cyber attacks in the United States include the 2013 Target data breach by a Ukrainian hacker, the 2017 Equifax data breach by Chinese nationals, and the leak of the Democratic National Committee emails during the 2016 Presidential election by a Russian state-sponsored organization .

Threats from National Actors

China and Russia are large sponsors of international cyber attacks. According to the U.S. Office of the Director of National Intelligence 2021 Annual Threat Assessment, "China presents a prolific and effective cyber-espionage threat, possesses substantial cyber-attack capabilities, and presents a growing influence threat." The Assessment states that "China can launch cyber attacks that, at a minimum, can cause localized, temporary disruptions to critical infrastructure within the United States." The Microsoft Exchange server exploitation in July 2021 was attributed to China, and four Chinese cyber actors were subsequently indicted for theft of trade secrets, intellectual property, and other high-value information. (Source: Cybersecurity & Infrastructure Security Agency)

Russia has also conducted several sponsored cyber-attacks, including the recent NotPetya hack of Ukraine’s business security infrastructure. This attack caused over $10 billion in global economic fallout and directly impacted Mondelez International, a Chicago-headquartered packager of Oreos and Triscuits, among other snack foods. Mondelez lost nearly $100 million in the attack and has spent considerable time rebuilding its brand and reputation. In February 2018, the White House called NotPetya a “reckless and indiscriminate cyberattack” on the part of the “Russian military” and “the Kremlin.” (Source: Chicago Federal Reserve)

Business Response to Cyber Attacks

In the face of increasing uncertainty, American businesses have acquired cyber insurance at a frantic pace. 47% of companies opted for cyber insurance policies in 2020 compared to only 26% in 2016. (Source: U.S. Government Accountability Office)  

As demand has increased, cyber insurance policies have also become more institutional in nature, with wide ranges of coverage available and greater flexibility. For example, most cyber insurance policies can now cover many of the indirect costs associated with a data breach or cyber-attack, including lost revenue, crisis consulting, and customer recovery and support programs. Cyber insurance programs also offer greater coverage limits and can accommodate small-scale family-owned to large enterprise businesses.

However, increases in demand have also led to higher prices. The cost of cyber insurance has increased, with more than half of the participants surveyed reporting that their costs increased from 10% to 30% in late 2020. We have seen policies increase more dramatically, sometimes over 75% to 100%. Cyber insurance underwriting requirements have also become more stringent, with businesses often having to meet a greater number of prerequisites for approval.

While the market may now be starting to level out, we still recommend that business owners lock in their cyber insurance quotes as soon as possible given the increasing threat of cyber terrorism. (Source: U.S. Government Accountability Office)  

The Limit Perspective

Limit is a digitally-native wholesale insurance broker working on behalf of retailers in multiple lines of insurance and across the United States. Our platform allows clients to:

• Obtain instant quotes from top cyber insurers
• Find up to $3M in Insurance coverage automatically
• Receive a plan with customizable and comprehensive coverage
• 24/7 support

Limit is building a lean, tech-enabled business that can efficiently deliver insurance policies which are tailored to the needs of individual clients. We have taken some of the first steps to revolutionizing the industry and welcome you to learn more on our website: www.limit.com
Please reach out and connect with us and our representatives on LinkedIn as well.