Global Businesses Witness a Decrease in Cyber Coverage Premiums as Security Enhancements Ripple Across, Reveals Findings From Howden Insurance Broker
As per a recent analysis conducted by Howden Insurance Brokers, cyber insurance premiums have experienced a notable 15% reduction globally over the preceding two years due to the amelioration in cyber practices within organizations. This downward trend persists despite the escalation of cyber threats, with ransomware attacks taking a leading role in the threat landscape.
The recognition of cyber hygiene protocols such as the implementation of multifactor authentication, EDR, and cloud backups has shown a substantial increase since 2022.
While ransomware incidents have surged by 18% this year according to reports by Howden and NCC Group, proficient risk management frameworks have minimized the necessity for companies to succumb to ransom demands. However, the costs associated with recovery are once again climbing following a brief decline witnessed in the previous year.
The surge in insurance premiums during 2021 and 2022, driven by the abrupt shift to remote work amidst the COVID-19 pandemic, saw threat actors capitalizing on new network vulnerabilities resulted from the surge in personal devices usage, expansion of access points, and compromised centralized data control, thereby escalating claims.
Sharing insights on the decline in cyber insurance costs, Sarah Neild, the head of cyber retail U.K. at Howden, emphasized the reasons behind the reduction. She conveyed to TechRepublic via email, “One prevalent reason is the escalation in risk consciousness spurred by consistent and high-profile cyberattacks.
“Additionally, the enforcement by insurers of minimum cyber hygiene standards for businesses to access coverage has played a crucial role.” This has resulted in a decrease in claims, consequently leading to more affordable policies.
Neild further mentioned, “Despite the substantial financial burden on businesses, this shift has instilled essential resilience among policyholders. It is proving beneficial as they navigate through an evolving threat landscape.”
The analysis from Howden also noted a lower frequency of indirect claims originating from third parties inadvertently affected by a cyber event as compared to direct claims, signaling proficient risk management strategies and loss mitigation practices by companies.
The industry’s competition among insurers is intensifying as an increasing number of them are introducing cyber insurance offerings, paving the way for reduced prices for consumers, the report highlighted.
“The advantageous trends have persisted into 2024, witnessed through the continual decrease in cyber insurance expenses amidst ongoing cyber threats, heightened global unrest, and the emergence of Gen AI,” Neild remarked in a press release.
“The current market conditions present a unique mix: an elevated threat landscape juxtaposed with a stable insurance market supported by robust risk management protocols.”
The Howden report forecasted a surge in the demand for cyber insurance in Europe in the upcoming years. While penetration levels remain low in the region currently, the escalating awareness of cyber threats and strategic security investments are on an upward trajectory. Moreover, small and medium-sized enterprises represent an underdeveloped market segment.
Predicting a continuation of the prevailing low prices, Neild indicated that the rates are unlikely to witness any further declines. She remarked to TechRepublic, “The existing market dynamics – the equilibrium between supply and demand, intense competition, etc. – point toward continued beneficial conditions for buyers. Capacities have expanded, and the recent robust performance of the market suggests that the pricing of insurance is aligned with the associated loss expenses.
“That being said, we are observing a moderation in price drops following prominent cyber incidents in the initial half of 2024, particularly in the healthcare sector. Consequently, we anticipate the market conditions to stabilize moving forward, offering a sustainable long-term value proposition for both buyers and insurers.”
Importance of cyber insurance for businesses
Businesses can leverage cyber insurance to mitigate the expenses linked to a successful cyberattack or fines for violating increasingly stringent compliance standards. As IBM reported, the costs of data breaches escalated to $4.45 million per incident in 2023, partly attributed to the lengthening investigation period for breaches.
Recently, a Splunk report identified the primary cause of unplanned downtime in major corporations as human errors in cybersecurity, such as falling for phishing schemes. Overall, these downtimes amount to $400 billion annually, constituting about 9% of their earnings.
Downtime resulting from cybersecurity incidents directly translates to financial hardships like revenue loss, compliance penalties, and overtime payouts for employees fixing the issues. The report also revealed concealed expenses that have a delayed impact, such as diminished stocks value, reduced developer efficiency, and harm to the company’s reputation.
In addition to the rising costs, cyberattacks are showing higher success rates. A study by Kaspersky revealed in April a sevenfold surge in devices infected with data-stealing malware between 2020 and 2023. Last month, insurance intermediary Marsh disclosed having processed over 1,800 cyber claims from North American clients in 2023, marking a peak due to ransomware incidents.
EXPLORE: 87% of UK Businesses Are Unprepared for Cyberattacks
Despite these challenges, there is evidence suggesting that companies are enhancing their defenses against cyber threats. According to a 2024 Mandiant report, the median dwell time – which is the duration attackers go undetected within a target environment – for global organizations decreased from 16 days in 2022 to 10 days in 2023, marking its lowest point in over a decade.
About Author
