Share with your friends
Computer data center server

Lead in cyber insurance

Lead in cyber insurance

Cyber insurance: An opportunity to lead in a growing market

Cyber attacks are on the rise. Hackers are increasingly looking to take advantage of security vulnerabilities to steal valuable customer data, including financial details and sensitive personal information. For corporations, the impact of these attacks goes far beyond data loss. From significant public relations fallout and loss of customer trust to stiff regulator penalties, a single successful cyber attack can paralyze a corporation's operations, and damage their reputation and profitability for years to come.

Yet, despite very real risks of cyber attacks, many corporations struggle to know how to respond appropriately. In KPMG's 2018 Global CEO Outlook, many CEOs believe a cyber attack on their business is inevitable, with 68% of US-based CEOs saying it's just a matter of time. However, only 51% of CEOs worldwide believe they are well prepared for a cyber attack.

Today, businesses of all sizes struggle to identify, assess vulnerability for, and respond to the explosion of digital threats and targeted cyber attacks. This is a significant gap — and one that insurers can help corporations bridge.

Cyber insurance gaining ground

The cyber insurance market is a small but growing part of the insurance sector that helps corporations protect against digital threats. Allianz estimates that cyber insurance currently represents about US$2 billion in premiums worldwide, with the US market accounting for approximately 90% of that total. However, as the incidence rate of cyber attacks continue to climb — and corporations are increasingly in the news for losing their customers' data, effective cyber coverage becomes an increasing corporate priority. Cyber insurance premiums globally are expected to reach US$20 billion by 2025 (A Guide to Cyber Risk, Alianz).

This growing need, market, and corresponding awareness of risk creates a significant opportunity for insurers willing to move now to capture market share and build customer trust.

The challenges of cyber coverage

Despite the scale of the opportunity, providing cyber insurance is not without its complications.

While most insurance products are based on decades of actuarially sound, aggregated, and shared data, cyber insurance is more risky. Not only is this type of insurance far newer, but the information surrounding associated risks and vulnerabilities is also more fragmented. One way that insurers can better understand and price for cyber risks is through the GDPR regime, which compels certain firms to make mandatory declarations of data. However, the extent to which insurance companies will obtain access to this disclosed GDPR data, both now and in the future, is not currently clear.

Assessing the risk of and coverage against digital threats is also difficult, with many insurers challenged by the complexities of pricing cyber insurance products. There is also uncertainty in the market as to whether businesses have coverage against cyber attacks as part of current policies, and if so the degree of coverage provided.

Another factor to consider is that, as businesses in possession of significant volumes of highly sensitive customer data, insurance companies are themselves prime targets for cyber attacks. As insurers transform legacy systems and manual processes to become more reliant on new technologies and platforms, the corresponding risk of attack and need for cyber security grows. This means that cyber security must become a priority for all insurers, regardless of the client base served or type of coverage provided.

Four steps to increasing awareness and uptake

For insurers looking to increase awareness and uptake for this burgeoning form of insurance, consider the following four steps:

  1. Be proactive. By proactively measuring clients' current data security maturity level, insurers can estimate the potential impacts of a cyber attack on the business and its clients before an attack occurs. Not only does this work provide value to individual clients and reduce individual risk areas, but it also helps shape the structure and pricing of cyber insurance products moving forward. 
  2. Educate. Despite the growing rate of cyber attacks, some customers are not fully aware of the potential risks, associated impacts, or available coverage. Clear and targeted education campaigns that focus on cyber risks and mitigation strategies can help clients understand the need for coverage, and the types of cyber insurance available.
  3. Collaborate to collect. Working together, insurance firms, professional associations and regulators can develop the scope of data required to appropriately structure, price, and sell cyber insurance as a core part of any firm's overall insurance profile.
  4. Focus on smaller clients. Cyber attacks can affect organizations of all sizes, as well as individual professionals such as lawyers and doctors who handle sensitive information. Cyber insurance products for these smaller players is a huge and largely untapped market.

Cyber insurance is a rapidly growing segment of the broader insurance market. Insurers that take key steps now can quickly find themselves at the forefront of this new and increasingly necessary market.

Connect with us

Related content