Demand for cyber insurance has increased - but so has the price 

Cyber insurance ”prices keep going up”, according to Paul Mang, chief innovation officer at software company Guidewire.

Research published by broker Howden Group in June 2022 supports Mang’s view. Its report - entitled A hard reset 2.0 - found that the cost of cyber insurance premiums has more than doubled year-on-year. It attributed this uptick to “an extreme supply [and] demand imbalance” in the cyber market. 

Similarly, broker Marsh has also noted that cyber insurance prices have skyrocketed - its June 2022 Cyber trends report 2021 revealed that average price increases for cyber cover rose from 28% in Q1 2021 to 109% in 2021’s Q4.

Mang told Insurance Times: “Prices keep going up. But to solve that, there must be more confidence in deploying capital.”

This is a particularly pertinent point considering that interest in cyber insurance is growing, according to Mang - he believes that insurers must prepare to write more of this type of business.

He said: “We should be focused on educating and explaining why people need cyber insurance. Also, do we have confident capital that can go in and address this? [Insurers] must have the analytics to be able to make the selection and manage the capital.”

Market yet to fully mature 

The cyber insurance sector is considered to still be an immature market because cyber threats and risks are constantly and continually evolving. Mang mused that the cyber market has a way to go before it can attain “some level of maturity”.

Mang continued: “I just don’t think we are even close to where it can be - maybe more risk transfer should be happening. In terms of risk transfer, we are only at the beginning stages of where it will be.

“We call it cyber [risk] now, but we are effectively protecting data and intangible assets.”

Mang added that the next growth spurt for the cyber market will be crucial - this could lead to cyber insurers covering different risks than they do today.

As an example, new, digitally focused business models arising from the Covid-19 pandemic - including ”work from home” and a greater ”reliance on technology” -  has created new risk considerations for the cyber insurance sector, Mang continued.

“More digital technology opens more potential exposure,” he explained. ”There’s a lot of work going on with advisory and other professionals looking at re-managing supply chains. They want more redundant sources, less tightly coupled supply chains. People are thinking about what the cyber threat implications of [new business models] might be.”

Risks to watch 

As well as having to cope with evolving and developing risks, the ongoing conflict between Russia and Ukraine has put further pressure on the cyber insurance market.

For example, Lloyd’s of London warned last month about the growing risk of state sponsored, geopolitically motivated cyber attacks.

Marsh’s April 2022 report, Global insurance market index, additionally stated that many insurers have tightened their cyber cover terms and conditions in response the the war. 

Also in April 2022, insurer Aviva urged SMEs to “step up” their cyber security during the conflict, due to the fact that online attacks were on the up.

The government’s National Cyber Security Centre, meanwhile, has asked all UK organisations to bolster their online defences because of recent viruses and the hacking of Ukrainian organisations.

Mang said increasing cyber security is “prudent to do”.

“We should consider the environment and how much value is embedded in the current digital model’s data,” he added.

Aside from the Russia-Ukraine war, Mang noted that stories such as the Tinder Swindler “are a reminder that social engineering can be incredibly powerful”. He added that insurers should therefore ”be thinking about how they [can] proactively add value to their customers’ lives”.

The Tinder Swindler, Simon Leviev, allegedly defrauded a series of women he met via dating app Tinder out of around $10m (£7.9m). Netflix made a documentary about the case. 

Alongside looking at cyber security, laws such as the Online Safety Bill will also help to tackle cyber threats, Mang said. The bill is expected to be passed into law in 2023.