The digital world is a minefield for insurers at the moment, with giants AXA, CNA Financial, Tokio Marine and Marsh & McLennan suffering cyberattacks in 2021 alone. Against this backdrop, cybersecurity revenues in the insurance sector are set to grow at a compound annual growth rate of more than 10% from $6.4 billion in 2020 to $10.6 billion in 2025, forecasts GlobalData, a leading data and analytics company.
GlobalData’s report ‘Cybersecurity in Insurance’ reveals that insurers must navigate the theme cautiously or risk suffering reputational damage from either a data breach or refusing to make a cyber insurance payout.
Amrit Dhami, Thematic Research Associate Analyst at GlobalData, says, “Inevitably, the swift digital transformation of the insurance sector is driving the rise in cyber risk. The sector is rapidly adopting digital technologies including cloud, the internet of things, artificial intelligence, and data analytics to compete with insurtechs, meet consumer demands for personalization and convenient digital interfaces, and in response to the COVID-19 pandemic.
“The Russia-Ukraine war has increased the likelihood of state-sponsored cyberattacks that target critical infrastructure, military operations, and businesses. Such attacks not only target insurers but lead to expensive payouts and damage the reputations of those reluctant to pay. This was the case for Ace American, which was sued by its client Merck in 2022 for failing to cover its losses during the 2017 NotPetya ransomware attack.”
GlobalData’s SME Insurance Survey 2021 (sample size 2,001 SMEs) concluded that cyber insurance uptake among UK SMEs fell from 12.6% in 2020 to an even lower 11.2% in 2021.
Dhami concludes: “Of course, it is not just insurers that are facing a higher cyber risk, and it all feeds back into the insurance sector through the cyber insurance product. Cyber insurance is now far riskier for insurers to provide, with some ransomware gangs reportedly targeting businesses with cyber insurance policies as they are more likely to pay a ransom. It is thus no surprise that the likes of AXA and AIG are rethinking their cyber policies to mitigate the higher risk of a payout through higher premiums and/or reduced customer coverage.
“Simultaneously, fewer SMEs are looking to purchase cyber insurance due to the cost-of-living crisis and rising overheads, making it harder for them to afford the coverage. This issue is only being exacerbated by insurers putting up their cyber insurance prices.”