Lead Forensics
Cyber Blog with Gamze Konyar

Blogs

The Big Question: is the cyber insurance market starting to soften in the face of increasing risks?

26.06.24 The Big Question

It has been just over a month since three of the UK’s main insurance associations joined with the National Cyber Security Centre (NCSC) to look to strengthen the sector’s approach to ransom payments.

The release of a joint guidance is designed to cut cyber criminals’ profits by improving market-wide ransom discipline and reducing the number of ransoms being paid by UK ransomware victims. 

The cross-sector coalition comprising the Association of British Insurers (ABI), British Insurance Brokers’ Association (BIBA) and International Underwriting Association (IUA) is aiming to empower organisations and associated third parties to make informed decisions when faced with ransomware, and ultimately help minimise the disruption and cost of an incident. 

Ransomware remains the biggest day-to-day cyber security threat to UK organisations with attacks rising and the ransomware model continuing to evolve. The NCSC continues to strongly discourage the payment of ransoms, alongside law enforcement partners.

The group said at the time paying a ransom does not guarantee the end of an incident nor the removal of malicious software from victims’ systems, but it does provide incentives for criminals to continue and expand their activities.

IUA Director of Public Policy Helen Dalziel said: “The payment of ransoms in response to cyber-attacks is on a downward trend globally. Businesses are realising that there are alternative options and this guidance further illustrates how firms can improve their operational resilience to resist criminal demands.”

Whilst insurers and brokers are keen to get the message across the market remains in a state of flux. Resilience is a major theme as insurers look to stop cyber risks before they become costly events, but it remains a dynamic environment with geopolitical risks giving rise to state backed events on core infrastructure targets in major economies.

Ian Summers, Global Business Development Leader, AdvantageGo.

Head of cyber at Marsh Europe, Gamze Konyar, says there are signs that the market is starting to soften but despite the rise in policy numbers and the greater threats, claims are not seeing a sudden increase.

Konyar and her team have been tracking the market trends on a quarterly basis and the first six months of the year have seen premium rate reductions which are being driven by a number of factors.

The second quarter of the year has seen on average 10% reductions in the rates being asked of clients by insurers at renewal. It has seen 60% of Marsh’s European clients benefit from a reduction in premiums at renewal in the past three months, a figure that is twice the size of the percentage that received reductions in the final quarter of last year.

“What I can say is that the market is currently buyer friendly,” she explains. “We are seeing more innovation and customisation in terms of the policies which are being offered to our clients.”

A period of price increases in recent years has delivered solid returns and has encouraged new markets into the class.

“They are bringing capacity and competition into the market and this has prompted talks around a softening market,” Konyar adds. “We are seeing more innovation and customisation in terms of the policies which are being offered to our clients.”

However, Konyar cautions that the market was still fighting a battle to increase its penetration levels. The biggest concern remains the inability for the market to engage with SMEs at a time when cyber-attacks show no sign of decreasing, and Europe is looking to see how it is looking to better regulate a range of cyber risks including the use of Artificial intelligence (AI).

“We have to face the fact that cyber is not going anywhere,” she says. “Our reliance on technology systems and the ever more complex supply chain creates new risks.”

Konyar reveals that discussions in the cyber market continue to revolve around the ongoing concerns that a single event or several connected events which impact a large number of insured simultaneously. She continued, ”While the likelihood and real-world viability of such events are uncertain, the possibility alone has led to reactions in the cyber market. Geographical tensions have added to the uncertainty.”

However, advancements in aggregation modeling, improved exclusionary language, profitability of cyber insurance, and stronger security measures by insureds are increasing confidence in deploying capital through traditional insurers and capital markets, thus bringing the softer market.

And while insurers are looking to innovate for businesses Konyar says companies were still struggling to understand, measure and manage their cyber risks.

“There is a need to bridge the gap between the cyber security teams and the insurance staff within a business.

“Insurance plays a vital role in protecting businesses against cyber risks,” she continues. “However, we do not see any real adoption by SME clients and unless we address their needs and create solutions that they find attractive we will not be able to establish a cyber resilient economy.”

Konyar adds that the emergence of generative AI has the potential to affect the market.

“When it comes to cyber security, generative AI will help the attackers but it will also help the defenders,” she explains. “As of now, we do not see any exclusions for generative AI use.”

Konyar adds: “Governments and regulators are recognising the risks that AI could potentially pose and they are looking to implement regulations to increase resilience.”

However the recognition that businesses need to enhance their cyber security is also creating a skills gap, Konyar comments. “Companies are looking at attracting and retaining diverse workforces. And a diverse team can bring with it the skills needed to tackle the challenges.”

She adds that insurers are now looking at ways in which they can support clients in protecting their businesses from attacks.

“There is a growing trend within the industry to share data and information around losses and how they can be prevented.”

Marsh’s claims data shows that financial institutions remain the sector which has received the largest number of notified incidents with data breaches making up the majority of those claims.

However there has been a noticeable fall in the number of claims in the manufacturing sector since 2001.

Konyar adds that the threat is changing with cyber criminals now looking to scale their efforts.

“The aim is to make one breach which allows them access to information that can be used to extort a large number of companies,” she explains. “We have seen cyber extortion rates fall thanks to an overall increase in resilience and back up hygiene.

“Companies are looking to become more resilient and strengthen back up hygiene. Those back ups need to be isolated from your systems. If the criminals can access the back up via your systems, they will delete the back up and you have no option but to pay.”

Latest Insights

DISCOVER HOW ADVANTAGEGO
CAN AUTOMATE PROCESSES AND REDUCE COSTS