Insurers are losing appetite for cyber insurance as ransomware cover losses and payments have become problematic, which is leaving business underinsured in this area. COVID-19 has presented a new era of opportunities for cybercriminals, as the pandemic forced businesses around the globe to digitise and adopt remote-working practices overnight.

The cyber insurance market is at the mercy of the COVID-19 pandemic. According to GlobalData’s 2021 UK SME Insurance Survey, just under a third (31.5%) of UK SMEs have cyber insurance in place. Cyber insurance was ripe to grow as an increasing number of businesses have made a permanent shift towards more flexible working practices and hybrid work models. Yet the increasing risks faced by cyber insurers means that instead of looking to secure new business, insurers are thinking twice.

Generally, the start of the pandemic has marked a new period for cyber insurers, who have managed ballooning ransomware claims by reducing coverage limits and capacity, while an increase in demand has also led to higher premium payments. More recently, Lloyd’s of London, one of the world’s leading underwriters of cyber insurance, is disengaging itself from this market, having discouraged its 100-odd syndicate members from taking cyber business in the new year. This closely follows the steps of AXA, which in mid-2021 stopped writing new business paying from ransomware attacks in France, becoming the first major insurer to discontinue this type of cover.

Indeed, the increase in cybersecurity risks is not only being felt by insurers but also by businesses. Further data from our survey indicates that 30.7% of SMEs felt the cyber risks faced by their business had increased to some extent since the start of the pandemic. This sentiment worsened as the size of the businesses increased, rising to 42.1% among medium-sized SMEs.

ransomware payments
Source: GlobalData’s 2021 UK SME Insurance Survey


Note: Micro: have between zero and nine employees. Sole traders are a subset of micro businesses and have zero employees. Small: between 10 and 49 employees. Medium: between 50 and 249 employees.

The growing sophistication of cybercriminals puts insurers in a very difficult position. A ransomware attack uses malware to encrypt a user’s or an organisation’s information, so that a victim cannot access information such as files and databases until a ransom is paid. The most advanced hackers can check whether prospective victims have policies in place that are likely to cover ransomware attacks. Meanwhile, limited IT support when working from home, installing fewer software security updates, and using unprotected home networks and personal laptops have all contributed to an increase in cybercrime.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.