The insurance industry has slowed cyber coverage despite rising demand, owing to concerns about the COVID-19 pandemic and the increasing severity and frequency of ransomware attacks.
Carriers are raising premiums – some by as much as 300% at renewal – and reducing coverage limits in sectors that have been struck the worst by cyber crime and cyber extortion in the last few years. Education, public entities/government, healthcare, construction, and manufacturing are among these sectors.
One of the major threats is the spread of ransomware, which many blame on the remote-work environment during the COVID-19 outbreak. The increase in staff working from home created technological vulnerabilities that hackers exploited. During this time, the frequency and severity of claims increased at an unprecedented rate, and losses frequently surpassed actuarial limits. As a result, insurance companies began to construct models that account for the unanticipated impact of ransomware on their bottom lines.
A growing ransomware risk is “double extortion,” in which cyber attackers demand payment for both a decryption key and a separate payment to prevent the publication of customer data and non-public information.
Ransomware has become a two-headed monster and double extortion has become a contributing factor in cyber claim severity over the past year.
According to the research, underwriting questions have become more strategic to better reflect contemporary cyber exposures. Insurance providers are constantly upgrading their inquiries concerning a company’s information security policies through extra application forms for ransomware and business interruption, even during renewals.
Multi-factor authentication (MFA) has become a need to qualify for cyber coverage and is one of the most effective techniques to thwart a cyber extortion attack.
To better control their loss ratios, insurers are increasingly using the same scanning technology used by hackers into their own underwriting processes, as well as imposing sub-limits or exclusions for cyber extortion and business interruption caused by ransomware occurrences.
As a result of industry underwriting and mitigation efforts, a better balance between cyber insurance coverage supply and demand is expected.