Though this type of policy has become more popular, the risks and payouts have also risen.
An increasing number of businesses have been contacting their local cyber insurance company to protect themselves against risks such as data breaches and hacks. That said, this market remains quite new and models are ever evolving.
The risks have been rising in this area, placing a considerable amount of stress on this marketplace.
According to one expert quoted by InsuranceBusinessMag, the cyber insurance company market is “under the most stress it’s been in recent memory.” This is primarily due to losses associated with ransomware attacks.
“They’re hitting small business, middle-market and large accounts, and they [ransomware attacks] are a source of considerable attritional loss,” explained chief underwriting officer Michael Palotay of Tokio Marine HCC’s Cyber & Professional Lines Group. “This has resulted in a significant deterioration or elimination of underwriting profit for many markets.”
According to Palotay, businesses should expect premiums to rise in the not-too-distant future. He stated that the current situation is “frankly unsustainable” if the rates for this coverage remain where they are.
A cyber insurance company receives a few thousand dollars in premiums for payouts in the millions.
Ransomware is the source of the problem because the current premiums typically mean that a small business pays a few thousand dollars into their account before they are faced with a ransom of up to a million dollars. “The product is just not priced correctly for that kind of scenario,” said Palotay.
As a result, he feels that the floor for these insurance rates will hit a rather solid floor. Rates for these products have been dropping steadily for the last half decade. That said, changes in risk levels are showing that these falling rates are not allowing for a sustainable marketplace for cyber insurance companies. It is more likely that the rates will stay put for a while before they may indeed begin to climb. Alternately, the very nature of the coverage will need an overhaul to keep up with the cost of the payouts for various types of attack and breach.