The Cyber Security Industry is Changing

Coming off the heels of the pandemic, the cyber insurance market has become increasingly aware of the risks associated with underdeveloped cyber security strategies. A report published by S&P found that cyber insurance premiums amounted to more than $9 billion in 2021, a figure which is expected to increase by 25% per year.

These numbers are concerning to businesses that, in the past, might have brushed off the risk level of ransomware attacks and data breaches. But now, companies are finding it harder to secure a policy that will cover them at all. As policies go up for renewal, insurers are spending less time binding coverage and more time assessing their own appetite for risk.

Companies in the market for cyber liability insurance should expect that it will be more difficult to find a policy offering full coverage today. Given the inherent risk associated with insuring companies against a range of unknown variables, underwriters are tightening up on the level of uncertainty with which they are comfortable engaging.

S&P’s report found that strict underwriting is likely to be a mainstay in the cyber liability market, a characteristic underscored by policies that contain delicate wording intended to control risk in a world where unpredictable factors lead to many unknowns. In the report, it was stated that:

“The big challenge for (re)insurers in developing this wording lies in the need for continual reassessment of shifting risk exposures, which necessitates dynamic contract conditions and coverage concepts – both of which are likely to be enduring characteristics of the cyber insurance industry.”

International conflict has taken certain stage in the struggle of businesses to obtain cyber insurance. As the war between Russia and Ukraine carries on, government organizations are becoming increasingly wary of the threats posed by loopholes in technology. For the insurance industry, this means that policies must be hyper specific. According to the report:

“At the heart of the issue are so-called war exclusions, which were designed to exclude claims arising from physical or kinetic war, but which have proven ill-suited to the context of cyber warfare.”

S&P claims that the definition of “war” is evolving. What was once a reference to physical combat is now broadening its scope to include attacks that happen entirely virtually. “That opens the door to policyholders claiming for damages that are a result of a conflict or to insurers seeking to apply war exclusions to cyber claims simply because there is a major conflict underway.”

At this point, the Cybersecurity & Infrastructure Security Agency (CISA) maintains a catalog of known exploited vulnerabilities. In doing so, it is taking a proactive approach in securing its digital borders. While this is one solution, the ability to accurately predict the next cyber vulnerability loophole continues to pose a challenge across the industry.

Luckily, the cyber insurance industry is adjusting quickly to the rapid changes that are occurring around the world. In order to adapt, the industry is changing the wording of policies as a way to stay ahead of increasingly visible threats.

The Limit Perspective

Limit is a digitally-native wholesale insurance broker working on behalf of retailers in multiple lines of insurance and across the United States. Our platform allows clients to:

  • Obtain instant quotes from top cyber insurers
  • Find up to $3M in Insurance coverage automatically
  • Receive a plan with customizable and comprehensive coverage
  • 24/7 support

Limit is building a lean, tech-enabled business that can efficiently deliver insurance policies which are tailored to the needs of individual clients. We have taken some of the first steps to revolutionizing the industry and welcome you to learn more on our website:

Please reach out and connect with us and our representatives on LinkedIn as well.