Many small and medium-sized businesses are new to the idea of cybersecurity insurance. Originally created for large companies in the 1990s, it protected against data processing errors and online media issues. Today these policies cover expenses related to data breaches, like resolving malware infections or compromised accounts.
Cybersecurity insurance policies will cover the costs for things like:
- Recovering compromised data
- Repairing computer systems
- Notifying customers about a data breach
- Providing personal identity monitoring
- IT forensics to investigate the breach
- Legal expenses
- Ransomware payments
The frequency and expense of data breaches are increasing, with 2021 setting a new record for the most recorded breaches. In the first quarter of 2022, breaches were up 14% over the prior year, affecting not just large enterprises but also small businesses, which often suffer more significant losses. In fact, about 60% of small businesses close down within 6 months of a cyber incident.
As result of the growing threat, the cybersecurity insurance industry is constantly evolving, and businesses must stay informed about the latest trends to ensure they have adequate protection.
Here are some of the key cyber liability insurance trends to be aware of:
Increased Demand & Premiums
The global average cost of a data breach is $4.35 million, while in the U.S. it is $9.44 million. Cybersecurity insurance is becoming increasingly important for companies, as the costs of breaches continue to rise. Without insurance, a single breach could have detrimental effects and cause the business to fail.
As demand for cyber security insurance grows, more options will become available to those seeking coverage.
Due to the rise in cyberattacks, insurance payouts have also increased, leading insurance companies to raise their premiums. In 2021, cyber insurance premiums increased by 74%, mainly due to the high costs of lawsuits, ransomware payouts, and other remediation.
Insurance carriers are unwilling to incur losses on cybersecurity policies, hence the price hike, despite the policies being more necessary than ever.
Reductions in Covered Risks
Certain types of insurance coverage are becoming harder to obtain, such as protection against “nation-state” attacks. These attacks are carried out by governments with ties to hacking groups, and can affect both individuals and businesses. In 2021, 21% of these attacks targeted consumers and 79% targeted enterprises. If an insurance policy excludes coverage for nation-state attacks, it is important to exercise caution.
Some insurance policies are no longer covering ransomware attack payouts due to the increasing frequency of attacks. From Q1 to Q2 of 2022, ransomware attacks rose by 24%. This has put pressure on organizations to have a solid backup and recovery plan in place to avoid relying solely on insurance carriers for payment.
Tougher Qualification Guidelines on the Rise
Cybersecurity insurance eligibility is becoming stricter, and insurance carriers are hesitant to cover companies with inadequate cyber hygiene. Simply wanting coverage does not guarantee qualification.
Insurance carriers consider several factors, including:
- Network security
- Use of things like multi-factor authentication
- BYOD and device security policies
- Advanced threat protection
- Automated security processes
- Backup and recovery strategy
- Administrative access to systems
- Anti-phishing tactics
- Employee security training
When applying for cyber insurance, you may need to fill out a lengthy questionnaire that includes questions about your cybersecurity situation. To make the process easier, consider having your IT provider assist you. By reviewing the questions together, your IT partner can identify security enhancements that may reduce your premiums.
Doing a cybersecurity review before applying can save you time and money, while strengthening your defenses against cyberattacks.
Confused About Cybersecurity Policies? We’ve Got Your Back!
Cybersecurity insurance can be complicated, and even a single incorrect answer on an application can result in unnecessarily high premiums. To ensure you make informed decisions, we offer consultations to explain policy details and provide guidance.
Give us a call if you’re considering cybersecurity insurance.