What Changes in the Cyber Liability Insurance Market Mean for Businesses
The cybersecurity insurance market is relatively new, and thus far, has seen a long period of soft market conditions. This is now changing. Over the past year, we’ve written about the increase in cyberattacks – both in complexity and frequency. This has had a huge effect on cybersecurity insurance rates – the Council of Insurance Agents & Brokers (CIAB) Q4 2020 Commercial P/C Market Survey reported one of the highest premium increases out of all lines of business at 11.1%. Historically, rate increases for cybersecurity insurance have hovered around 1% or less.
Why is this happening? Remember that cybersecurity insurance must go through the same growth maturing as other lines of coverage. Carriers are re-evaluating risks – looking at what exposures are, determining that claims are increasing, and understanding risk profiles better. Claims are not just about viruses and breaches anymore, but ransomware extortion, breach costs, incident management costs and the ransomware payment itself. Extra expenses beyond just the incident include business interruption and income loss coverage, and the effects of incidents spread beyond the insured to clients. As such, premiums and retentions have increased, and these increases are projected to continue. But even with these rate increases, it is important to point out that the market itself remains strong overall, and capacity is still there.
As a business, what can you do now? It is very important to practice good hygiene. According to NortonLifeLock, “cyber hygiene is about training yourself to think proactively about your cyber security.” These happens at the organization level and should trickle down to your employees. It is not very expensive – and definitely worth the investment – to invest in training and process changes that can help reduce the likelihood of your organization falling victim to a cyberattack.
We recently wrote about the importance of improved incident response that accommodate remote work and shifts to third-party IT providers. We noted that cyber liability insurance policies are looking more and more at what preventative measures organizations are doing to protect against cyberattacks.
And of course, we continue to stress, now more than ever, the importance of cyber liability insurance to protect your business and your online data. Having a policy in place, coupled with strong risk reduction and incident response is key.