If you’re looking to renew your cyber insurance for 2023, you may be shocked to find that next year’s cost is much higher than ever before. According to research, cyber insurance costs increased by an astonishing 102% during the first quarter of 2022. As a result of these steep price increases, analysts predict that the number of companies unable to afford, or be denied, insurance will double next year.
You’re probably wondering what’s going on and what you should do. Well, you’ve come to the right place. Below, we’ll dive into the state of the cyber insurance sector, exploring the drivers behind these price increases. We’ll also give you some must-know tips to reduce your insurance premium in 2023.
Cyber insurance premium increases: a convergence of causes
A variety of factors have converged to trigger the notable surge in cyber insurance premiums, including:
The law of supply and demand
Over the past few years, cyber insurance has soared in popularity. Cyber-attacks have become more sophisticated, stealthy and successful, leading organizations to seek cover for the worst-case scenario. In line with this, the number of organizations with standalone cyber insurance cover has more than doubled.
While greater awareness among companies about the risks of cyber-attacks and data loss is undoubtedly a good thing, mounting requests for coverage has put pressure on the very fabric of the cyber insurance industry. The surge in demand has symbiotically led to higher prices.
Loss mitigation tactics
Cyber insurance is a business, and business is all about profit. Unfortunately, though, many insurers are currently running at a loss. According to S&P Global, loss ratios rose from 25% in 2020 to 72% in 2021. Alongside this, research also found that the average paid loss for a claim increased to $358,000 in 2021 from $145,000.
There are two main causes behind these losses. Firstly, with more customers means more payouts. At the same time, cyber-attacks are also increasing in their velocity and success, leading more clients to request more money from their insurers. This model isn’t sustainable, so premiums are going up.
Ransomware and supply chain risks
There’s a few types of cyber threats out there that are more costly than others. Ransomware, for example, cost organizations $159 billion in downtime alone in 2021, while supply chain incidents can disrupt numerous companies with a single attack.
These types of threats are on the rise, and are extremely costly to insurers. As a result, insurers are either hiking their premiums, or refusing to offer cover for certain types of incidents, such as ransomware and nation-sponsored attacks.
The cloud and remote working
Another trigger for insurance premiums is the rise of remote and hybrid work, which pushes sensitive data outside the boundaries of the traditional network. With data spread across multiple endpoints and numerous cloud environments, the likelihood of data breaches, leakage and account compromise are higher than ever before.
What’s an insurer to do?
Given the increase in demand, propensity for loss, and evolving sophistication of cyber-attacks, it’s easy to see why insurers are hiking up their premiums and reducing coverage. If they don’t, they could go out of business.
But this isn’t helpful for businesses, who are now having a hard time finding affordable premiums with sufficient coverage.
All is not lost, though. There are a few things you can do to reduce premiums. Insurers have started to set specific terms and conditions regarding cover. They’ll only insure companies with a solid cybersecurity posture. The lower your risks and the better your defenses, the more likely you are to obtain cover.
Steps to reduce your insurance premium in 2023
The recent shift in the insurance market is an opportunity for organizations to reassess their approach to cybersecurity. If you’re relying on cyber insurance alone to recover from an attack, you need to think again. Instead, you should build up proactive defenses, and consider your cyber insurance a last resort–and hopefully one you won’t have to use.
At the same time, building your defenses will also help to reduce your premiums, meaning investing in cybersecurity really is a win-win. Here are ten steps to take:
- Implement multi-factor authentication, along with robust password policies to combat account takeover attacks
- Move towards a zero-trust architecture
- Deploy data loss prevention in your collaboration tools to reduce data leakage and theft in the cloud
- Make use of user behavior monitoring solutions to identify potential intruders
- Deploy anti-virus and anti-malware technology to catch and quarantine potential ransomware threats
- Educate users on common security threats and compliance requirements
- Design an effective incident response plan
- Follow a regular vulnerability management and penetration testing program
- Backup your data!
- Consider achieving a security standard like SOC 2 or ISO 27001