The Expert Podcast

Introduction to Cyber Liability Insurance:
  • The market for cyber liability insurance is growing rapidly, projected to experience a 25% annual growth rate, reaching $22.5 billion in the next few years.
  • In 2021, cyber insurance premiums hit $9 billion, a significant milestone for a relatively new insurance line.
  • Why the Growth?
    • Businesses of all sizes recognize the importance of mitigating cyber risks.
    • Cyber insurance is becoming a necessity for companies to protect themselves against cyber events, including data breaches and ransomware attacks.
  • Challenges for insurers:
    • Increased frequency and severity of cyberattacks have led some insurers to hesitate or reduce their appetite for underwriting large risks.
    • Growing systemic vulnerabilities, due to the exponential increase in connected devices, make it easier for hackers to exploit company networks.
    • Examples of vulnerabilities include:
      • Computers, modems, routers, and wireless devices.
      • IoT devices like phones and even smart smoke detectors.
  • Impact on Policyholders:
    • Insurers are introducing contract conditions to encourage companies to adopt preventive measures and share responsibility for losses.
    • Key measures include:
      • Multi-factor authentication (MFA).
      • Regular updates and patches for software and hardware.
  • Benefits of Robust Underwriting:
    • Helps insured companies prevent cyber incidents.
    • Ensures policies remain available and affordable by reducing excessive losses for insurers.
  • Takeaway for Businesses:
    • Developing a strong mitigation plan is critical, whether initiated by the company or required by the insurer.
    • Prevention not only protects against cyber threats but also ensures continued access to reasonably priced cyber insurance policies.
Tune in to learn more about how businesses can navigate this evolving landscape and protect themselves effectively! 

What is The Expert Podcast?

The Expert Podcast brings you firsthand narratives from experts across diverse industries, including private investigators, general contractors and builders, insurance agencies, vehicle specialists, lawyers, and many others.

The market for cyber liability insurance is facing a crossroads. The growth and the increase in that industry are projected to be huge over the next few years. But at the same time, unless there are changes to how these products and policies are underwritten, there may be a problem in getting it out to the masses. What do we mean by that? Well, the last calendar year, 2021, showed that cyber insurance premiums reported came in at nine billion dollars. That's a very significant number for a single line of commercial insurance. Many other types of insurance that have existed for many years took quite a bit longer to get to that level of coverage.

What about the future growth? Well, they're projecting it's going to keep increasing 25% per year to 22 and a half billion, more than double in the next couple of years. Think about it: there's really no other commercial line of insurance market that grows at that rate—25% per year. That's huge, and that's because buyers, markets, and consumer customers recognize the importance of having this type of risk mitigated in their company. If you're a small business, medium business, or large business, you're starting to recognize you can't go without this cyber insurance policy. You're going to be in big trouble if you have some type of event that messes up your company because of a cyber loss.

So, that's the good news: people are recognizing this risk. The bad news is a growing number of insurers are hesitating to underwrite large risks, and some have decreased their appetite due to the frequency and severity of cyber attacks. Whether you're currently insured under a cyber policy or not, understand that the insurance companies are recognizing the increased frequency and severity of cyber attacks and systemic vulnerabilities. This is happening because there are more attacks, but also because the cyber attack vector is bigger now. Every company has, like we have behind them, multiple computers, modems, routers, and electronic devices. Sometimes they're wireless devices, sometimes they're 5G devices. Every year, every company increases exponentially the number of devices on their network. Even phones are on your network; sometimes your smoke detectors are on your network. All of those represent an attack vector to your company and network.

This is making it easier for hackers to get into company electronic systems, technical systems, and wreak havoc—do damage, do ransomware. So, if you're a company, you're not immune to this happening to you. Most companies recognize this, and that's why the cyber insurance market is growing 25% per year, but the underwriting hasn't kept up with that. Many insurers are developing wording to shift risk exposures. What that means is there are contract conditions that make the company, the insured, be equally responsible for the loss. Now, that doesn't necessarily mean as an insured you have to pay for losses, but what it is doing is making sure that the policyholders are aware that they need to do prevention and reasonable due diligence—not make it easy for hackers to get into your network. That's part of your policy commitment.

For example, you might have to make sure that you have multi-factor authentication in place, updates and patches on all your software, and patches on your hardware. So, the insurance market for cyber, having more robust underwriting, is a good thing because it helps insureds prevent an issue from happening in the first place. But also, it keeps your policy availability in place because the insurers aren't realizing significant or excessive losses. If they did, they would just either have to cancel policies or charge more money for them, and that might not make it affordable for some companies. Having a very good mitigation plan in place, whether it's initiated by your insurer or by your company itself, is a good way to keep your policy availability and pricing at a reasonable level.