"Striving to combat the escalating prices in premiums"
In the wake of the COVID-19 pandemic, the shift to remote work has significantly increased the frequency and severity of cyber insurance claims, according to Sabine Träumer, Head of Cyber Insurance for Industrial Clients at Axa in Germany. This change has introduced new cyber exposure risks, as employees work outside traditional, well-protected office environments, making businesses more vulnerable to cyberattacks.
Key impacts of this shift include a 50% increase in ransomware attacks in 2020, with the number of incidents more than doubling the next year, causing widespread disruption in the cyber insurance market. The average cost of a data breach during remote work has also risen by $1 million, reaching about $5.01 million for organisations that did not timely upgrade their IT and security measures. Cyber insurance claims are rising about 13% year-on-year, reflecting more frequent attacks and higher losses. Small businesses face an average recovery cost of around $120,000 per cyberattack, with ransomware accounting for 19% of all cyber insurance claims.
In response to these evolving risks, insurers like Axa are adjusting their cyber insurance offerings and pricing. Träumer confirmed that the number of incidents with significant financial consequences has indeed increased. To mitigate this risk, Axa offers its cyber insurance customers the installation of a "Security Operations Center" (SOC) for active monitoring, analysis, vulnerability identification, threat alarms, and instant reporting.
Moreover, Axa provides awareness portals for employees to raise cyber risk awareness within the company. The company also supports the build-up of necessary resources by equipping the "First Line of Defence". However, Träumer did not provide details on what insurers are doing to mitigate this risk beyond these measures.
Regarding premiums, Träumer stated that Axa bases its prices for cyber insurance on risk circumstances and individual customer needs. She did not discuss any significant premium increases on the horizon but acknowledged that given the dynamic nature of damages and market developments, premium increases cannot be completely ruled out.
The cyber insurance business at Axa has seen increased interest and growth, particularly among larger companies, according to Träumer. However, she did not provide specific information on the impact of this trend on the demand for cyber insurance in her company.
Industry-wide, insurers are increasing premiums, tightening coverage limits, and requiring enhanced cybersecurity measures from insured businesses to qualify for coverage or better rates. Around six in ten businesses are experiencing premium increases as insurers seek to offset the escalating costs from claims triggered by remote work vulnerabilities and growing cyber threats. The overall cyber insurance market is expanding, with written premiums expected to reach $23 billion by the end of 2025, driven by rising demand and increased pricing.
In conclusion, the pandemic-driven remote work shift has made cyberattacks more frequent and costly, resulting in greater financial burdens on insurers and prompting significant premium increases and stricter underwriting standards across the cyber insurance industry. Businesses are encouraged to take proactive measures to enhance their cybersecurity to protect against these growing threats.
Investors in the cyber insurance sector might consider the potential financial rewards, given the escalating costs from claims triggered by remote work vulnerabilities and the increasing premiums in the industry. As businesses prioritize enhancing their cybersecurity to protect against growing threats, they may find the need for finance to implement technological solutions, such as the installation of a "Security Operations Center" offered by insurers like Axa. Despite the increasing premiums, cyber insurance is anticipated to become a significant market, with written premiums expected to reach $23 billion by the end of 2025.
