If the recent headlines tell us anything, it's that cybercrime pays. Cybercriminals are reportedly racking up billions of dollars each year from the crimes they commit, while businesses are estimated to lose roughly $400 billion a year due to cyber hacks and attacks.
With the stakes this high, it’s no wonder the business of cyber insurance is seeing a surge.
According to a report issued by PricewaterhouseCoopers today (Sept. 14), the cyber insurance market is expected to reach $7.5 billion in annual premiums by the end of 2020 and at least $5 billion by 2018.
The “Insurance 2020 & beyond: Reaping the dividends of cyber resilience” report also stated the market is primed for disruption from those seeking to capitalize on the cybersecurity opportunity.
Paul Delbridge, insurance partner at PwC, noted that as the attention on safeguarding against damaging cyber attacks grows, policyholders may begin to question the true value they are receiving from their coverage. This could be especially true when insurers offer high coverage costs, imposed limits and strict terms and conditions.
“If insurers continue to simply rely on tight blanket policy restrictions and conservative pricing strategies to cushion the uncertainty, they are at serious risk of missing this rare market opportunity to secure high margins in a soft market. If the industry takes too long to innovate, there is a real risk that a disruptor will move in and corner the market with aggressive pricing and more favorable terms,” Delbridge said in a press release announcing the report findings.
In 2014, there was an average of 100,000 global security incidents per day, earlier research from PwC confirmed. The growing number of attacks, coupled with PwC’s finding that nearly 61 percent of business leaders recognized cyber attacks as a threat to business growth, underpins the sizable market opportunity available in cyber insurance.
Data from the technology policy division of the Financial Services Roundtable found the demand for cyber insurance rose by 21 percent across all industries, with the biggest increase in coverage buying rising 29 percent for financial institutions.
Cyber insurance policies are offered by more than 70 carriers, according to a Gartner Research report, and include liability coverage for exposing confidential information, paying to notify customers of a breach and providing them with credit-monitoring services, Lou Shipley, CEO at Black Duck Software, recently stated in an article he wrote for The Wall Street Journal.
But PwC’s report suggests insurers, reinsurers and brokers may have to enhance their offerings in order to keep up with growing competition in the market.
Providing a better understanding of the developing cybersecurity threats to policyholders was just one of the recommendations the report offered. This can be done through identifying concentrations of systemic risks, assessing trends and monitoring the probable losses as new types of cyber attacks arise.
The report also points to the importance of partnering, sharing and coordinating, both within and outside of the cyber insurance industry. Partnering with technology companies as well as data sharing between insurance firms are both viable ways for insurers to coordinate risk management solutions and encourage accurate pricing, PwC said.
“For insurers, cyber risk is in many ways a risk like no other. It is equally an opportunity. Insurers who wish to succeed will base their future coverage offerings on conditional regular risk assessments of client operations and the actions required in response to these reviews. A more informed approach will enable insurers to reduce uncertain exposures whilst offering clients the types of coverage and attractive premium rates they are beginning to ask for,” Delbridge explained.
He also pointed to the importance of insurers investing appropriately in their own cybersecurity measures, given the “huge volume of medical, financial and other sensitive information they hold, it is critical that insurers have closely monitored, highly effective cybersecurity frameworks in place.”