Changes In The Cybersecurity Insurance Market
Cybersecurity insurance still represents a pretty new concept for many SMBs. This new kind of insurance started in the 1990s to provide coverage for large enterprises to cover things like data processing errors and online media.
Since then, the policies for this type of liability coverage have changed radically. Today, cyberinsurance policies cover the usual costs of a data breach, including the cost of remediating a malware infection or compromised accounts.
Cybersecurity insurance policies offer to cover the costs for things like:
- Recovering compromised data
- Repairing computer systems
- Notifying customers about a data breach
- Providing personal identity monitoring
- IT forensics to investigate the breach
- Legal expenses
- Ransomware payments
Data breach volume and costs continue to rise on a sharp upward trajectory. 2021 set a record for the most recorded data breaches on record. In the first quarter of 2022, breaches were up 14% over the prior year, so it’s on track to be another record breaking year.
No one is safe. Even small businesses find they are targets. In some ways, small businesses are even more vulnerable because they often don’t spend on cybersecurity the way large businesses can. They frequently have more to lose than larger enterprises as well. On average, 60% of small businesses close down within 6 months of a cyber incident.
The increase in online danger and rising costs of a breach led to extensive changes in this type of insurance. The cybersecurity insurance industry is ever evolving to keep up with evolving hackers. Businesses must keep up with these trends to ensure they can stay protected.
Here are a few of the cyber liability insurance trends you need to know about.
Demand is Going Up
On average, the cost of a data breach is currently $4.35 million (global average). In the U.S., it’s usually more than double that, at $9.44 million. As these costs of cybercrime continue to balloon, so does the demand for cybersecurity insurance.
Companies of all types are realizing that cyber insurance is critical. It’s as important as their business liability insurance. Without that protection, they can easily go under in the case of a single data breach.
With demand increasing, look for more availability of cybersecurity insurance. This also means more policy options, which is good for those seeking coverage.
Premiums are Increasing
The increase in cyberattacks lead inevitably to an increase in insurance payouts. Insurance companies must increase premiums to keep up. In 2021, cyber insurance premiums rose by a staggering 74%.
Costs to the insurance companies from lawsuits, ransomware payouts, and other remediation have directly driven this increase. Insurance carriers aren’t willing to lose money on cybersecurity policies, they’re there to make a profit. Thus, those policies are getting more expensive at the same time as they are more necessary.
Certain Coverages are Being Dropped
Certain types of coverage are getting more difficult and expensive to find. For instance, some insurance carriers are dropping coverage for “nation-state” attacks, defined as attacks that come from a government.
Many modern governments have ties to known hacking groups. Because of these connections, a ransomware attack that hits consumers and businesses can very well be in this category.
In 2021, 21% of nation-state attacked targeted consumers, and 79% targeted enterprises instead. So, if you see that an insurance policy excludes these types of attacks, be very wary. Odds are you won’t be covered even though you pay for insurance.
Another type of attack payout that is being dropped from some policies is ransomware. Between Q1 and Q2 of 2022, ransomware attacks increased by 24%.
Insurance carriers are tired of unsecured clients relying on them to pay the ransom, so many are excluding ransomware payouts from policies. This exclusion puts a bigger burden on organizations. Businesses need to ensure their backup and recovery strategy is well planned.
It’s Harder to Qualify
Just because you want cybersecurity insurance for your business doesn’t mean you’ll qualify for it. Qualification standards are becoming stiffer. Insurance carriers aren’t willing to take chances, they’re there to make a profit. They’re especially wary of companies with poor cyber hygiene.
Some of the factors that insurance carriers look at include:
- Network security
- Use of things like multi-factor authentication
- BYOD and device security policies
- Advanced threat protection
- Automated security processes
- Backup and recovery strategy
- Administrative access to systems
- Anti-phishing tactics
- Employee security training
You’ll often need to fill out a lengthy questionnaire about your business practices when applying for insurance. This questionnaire will include several questions about your cybersecurity situation. It’s a good idea to have your IT provider help you fill it out.
This can seem like a lot of work that you have to do to qualify for cyber insurance. As you review the questions, your IT partner can identify security enhancements that would help you qualify. Just like other forms of insurance, if you take steps to reduce risk, it can often reduce your premiums.
So, it always pays to do a cybersecurity review before applying for cyber insurance. You can save yourself a lot of time and money. Reviewing your computer security can also fortify your defenses against cyberattacks.
Why Is This Published By A Business Phone Company?
Here at NoContractVoIP, we believe that your success is our success. And, since we specialize in business communication, we also want to help you communicate better. We create the cutting edge communication systems that modern companies need.
To talk to a business phone system specialist, call 866-550-0005 or contact us today.
To get the latest helpful content delivered to your inbox every month, subscribe to our newsletter here.