The cost of cyber insurance increased 32% last year and shows no signs of easing

The cost of insurance to protect businesses and organisations against the ever-increasing threat of cybercrimes has soared by a third in the last year, according to international insurance brokers Howden.

It found that global cyber insurance pricing has increased by an average of 32 per cent in the year to June. Not only are premiums going through the roof, insurers are also attaching more strings to their policies, demanding ever more assurances that firms taking out cover have the necessary systems and processes in place to prevent a cyber mishap.

According to Howden's Cyber Insurance: A Hard Reset the upward squeeze on premiums shows no sign of easing, which, in turn, is putting more strain on the sector. Shay Simkin, Global Head of Cyber at Howden, said: "The cyber insurance market is currently driven by a demand and supply imbalance which shows no sign of relenting any time soon. Claims are up, capacity is down, and underwriting profitability is, at best, under pressure. "The impact on insurance buyers is stark; the importance of being prepared for a cyber attack has never been clearer."

Last week, a report by the Royal United Services Institute (RUSI) – Cyber Insurance and the Cyber Security Challenge – warned that the spike in ransomware attacks had led to some insurers wondering if they should pull out of the market.

There are also concerns that firms are relying too heavily on their insurers to pay out in the event of an attack to get their data back – an approach that makes insurers nervous, adding to the current squeeze.

Jason Nurse, a senior Lecturer in cybersecurity at the University of Kent and co-author of the report, told The Register: "I think, based on what we've found, cyber insurance is not that silver bullet that maybe people were hoping or thought it was." It seems no one is immune from cyber villains breaking and entering with a digital swag bag over their shoulder.

In May, it was reported that CNA Financial, the US insurance conglomerate, had paid $40m to ransomware operators to gets its files back following a digital break-in in March. At around the same time, Paris-based insurance giant Axa said "non" to French companies looking to buy its cyber insurance amid concerns that paying out when trouble hits was contributing to the explosion in cybercrime. Axa was then itself the subject of a ransom demand after falling foul of miscreants.

Source: The Register