The digital world is a minefield for insurers at the moment, with giants AXA, CNA Financial, Tokio Marine and Marsh & McLennan suffering cyberattacks in 2021. Against this backdrop, cybersecurity revenues in the insurance sector are set to grow at a compound annual growth rate of more than 10% from $6.4 billion in 2020 to $10.6 billion in 2025, forecasts GlobalData, a data and analytics company.
GlobalData’s report “Cybersecurity in Insurance” reveals that insurers must navigate the theme cautiously or risk suffering reputational damage from either a data breach or refusing to make a cyber insurance payout.
Amrit Dhami, thematic research associate analyst at GlobalData, said in a statement, “Inevitably, the swift digital transformation of the insurance sector is driving the rise in cyber risk. The sector is rapidly adopting digital technologies including cloud, the internet of things, artificial intelligence, and data analytics to compete with insurtechs, meet consumer demands for personalization and convenient digital interfaces, and in response to the COVID-19 pandemic.
Dhami continued, “The Russia-Ukraine war has increased the likelihood of state-sponsored cyberattacks that target critical infrastructure, military operations, and businesses. Such attacks not only target insurers but lead to expensive payouts and damage the reputations of those reluctant to pay. This was the case for Ace American, which was sued by its client Merck in 2022 for failing to cover its losses during the 2017 NotPetya ransomware attack.”
GlobalData’s Small-to-Medium sized Enterprises (SME) Insurance Survey 2021 concluded that cyber insurance uptake among U.K. SMEs fell from 12.6% in 2020 to an even lower 11.2% in 2021.
Dhami said, “It is not just insurers that are facing a higher cyber risk, and it all feeds back into the insurance sector through the cyber insurance product. Cyber insurance is now far riskier for insurers to provide, with some ransomware gangs reportedly targeting businesses with cyber insurance policies as they are more likely to pay a ransom. It is thus no surprise that the likes of AXA and AIG are rethinking their cyber policies to mitigate the higher risk of a payout through higher premiums and/or reduced customer coverage.
Dhami concluded, “Simultaneously, fewer SMEs are looking to purchase cyber insurance due to the cost-of-living crisis and rising overheads, making it harder for them to afford the coverage. This issue is only being exacerbated by insurers putting up their cyber insurance prices.”