Cyber insurance rates experienced a significant drop of approximately 10 percent in June compared to the previous year, signaling a reversal in the recent trend of sharp rate increases. This decline can be attributed to claims that were smaller than initially anticipated, according to a report by brokerage firm Howden.
The surge in cyber insurance rates occurred during 2021, mainly driven by the COVID-19 pandemic and the subsequent rise in ransomware attacks. These attacks involve the use of ransom software to encrypt victims’ data, with hackers typically demanding cryptocurrency payments in exchange for a decryption key to regain access to the data.
However, the number of global ransomware attacks decreased by 20 percent in 2022 compared to the previous year. This decline can be attributed to the start of the conflict between Russia and Ukraine, as hackers in those regions shifted their focus to military targets.
Consequently, insurers have called for increased efforts from their clients to enhance their cybersecurity measures, thereby reducing the risks associated with cyber attacks. This shift in approach has helped alleviate insurers’ concerns and has encouraged underwriters to reenter the cyber insurance market.
Shay Simkin, global head of cyber at Howden, noted that there is a renewed appetite among insurers for writing cyber insurance policies. This resurgence can be attributed to increased competition in the market, which has exerted downward pressure on insurance rates.
In 2022, cyber insurance premiums surpassed $12 billion, compared to $10-11 billion in 2021. Howden predicts that the market will continue to expand and is expected to reach approximately $50 billion by 2030, reflecting the growing size and impact of cybercrime.
While the first quarter of the current year witnessed a 47 percent increase in ransomware attacks compared to the same period in the previous year, it appears that hackers have once again shifted their focus to pursuing commercial gains.
Though risk awareness is growing across the board, cyber insurance remains a large corporate market currently. In France, for example, of the premiums paid for cyber insurance in 2022, 85 percent came from large companies. The remaining 15 percent coming from mid-sized companies and SMEs, but were responsible for a disproportionate share of reported claims.