Cybersecurity revenues in the insurance sector are set to grow at a compound annual growth rate of more than 10%, from $6.4 billion in 2020 to $10.6 billion in 2025, according to data and analytics company, GlobalData.
According to GlobalData’s report, ‘Cybersecurity in Insurance’, insurers must navigate the theme cautiously or risk suffering reputational damage from either a data breach or refusing to make a cyber insurance payout.
Amrit Dhami, Thematic Research Associate Analyst at GlobalData noted that with the rapid digital transformation of the insurance sector comes a rise in cyber risk.
Dhami commented: “The sector is rapidly adopting digital technologies including cloud, the internet of things, artificial intelligence, and data analytics to compete with insurtechs, meet consumer demands for personalization and convenient digital interfaces, and in response to the COVID-19 pandemic.
“The Russia-Ukraine war has increased the likelihood of state-sponsored cyberattacks that target critical infrastructure, military operations, and businesses. Such attacks not only target insurers but lead to expensive payouts and damage the reputations of those reluctant to pay. This was the case for Ace American, which was sued by its client Merck in 2022 for failing to cover its losses during the 2017 NotPetya ransomware attack.”
GlobalData’s SME Insurance Survey 2021 (sample size 2,001 SMEs) concluded that cyber insurance uptake among UK SMEs fell from 12.6% in 2020 to an even lower 11.2% in 2021.
Additionally, Dhami also commented that insurers are not the only ones facing higher cyber risks, but it is also that cyber insurance is becoming riskier for insurers to provide.
He said: “Of course, it is not just insurers that are facing a higher cyber risk, and it all feeds back into the insurance sector through the cyber insurance product. Cyber insurance is now far riskier for insurers to provide, with some ransomware gangs reportedly targeting businesses with cyber insurance policies as they are more likely to pay a ransom.
“It is thus no surprise that the likes of AXA and AIG are rethinking their cyber policies to mitigate the higher risk of a payout through higher premiums and/or reduced customer coverage.
Dhami concluded: “Simultaneously, fewer SMEs are looking to purchase cyber insurance due to the cost-of-living crisis and rising overheads, making it harder for them to afford the coverage. This issue is only being exacerbated by insurers putting up their cyber insurance prices.”