Insurers are losing appetite for cyber insurance as ransomware cover losses and payments have become problematic, which is leaving business underinsured in this area. COVID-19 has presented a new era of opportunities for cybercriminals, as the pandemic forced businesses around the globe to digitise and adopt remote-working practices overnight.
The cyber insurance market is at the mercy of the COVID-19 pandemic. According to GlobalData’s 2021 UK SME Insurance Survey, just under a third (31.5%) of UK SMEs have cyber insurance in place. Cyber insurance was ripe to grow as an increasing number of businesses have made a permanent shift towards more flexible working practices and hybrid work models. Yet the increasing risks faced by cyber insurers means that instead of looking to secure new business, insurers are thinking twice.
Generally, the start of the pandemic has marked a new period for cyber insurers, who have managed ballooning ransomware claims by reducing coverage limits and capacity, while an increase in demand has also led to higher premium payments. More recently, Lloyd’s of London, one of the world’s leading underwriters of cyber insurance, is disengaging itself from this market, having discouraged its 100-odd syndicate members from taking cyber business in the new year. This closely follows the steps of AXA, which in mid-2021 stopped writing new business paying from ransomware attacks in France, becoming the first major insurer to discontinue this type of cover.
Indeed, the increase in cybersecurity risks is not only being felt by insurers but also by businesses. Further data from our survey indicates that 30.7% of SMEs felt the cyber risks faced by their business had increased to some extent since the start of the pandemic. This sentiment worsened as the size of the businesses increased, rising to 42.1% among medium-sized SMEs.
Note: Micro: have between zero and nine employees. Sole traders are a subset of micro businesses and have zero employees. Small: between 10 and 49 employees. Medium: between 50 and 249 employees.
The growing sophistication of cybercriminals puts insurers in a very difficult position. A ransomware attack uses malware to encrypt a user’s or an organisation’s information, so that a victim cannot access information such as files and databases until a ransom is paid. The most advanced hackers can check whether prospective victims have policies in place that are likely to cover ransomware attacks. Meanwhile, limited IT support when working from home, installing fewer software security updates, and using unprotected home networks and personal laptops have all contributed to an increase in cybercrime.