Cyber insurance premiums have experienced “double-digit price reductions” over the past year as organizations enhance their cybersecurity, according to a leading broker.
Howden said the decline in 2023/24 came about despite an increase in ransomware incidents of 18% in the first five months of 2024 versus a year earlier.
By enhancing security in line with industry best practices, organizations become more resilient to breaches, meaning fewer claims, which ultimately feeds back into lower premiums.
Insurers are increasingly demanding measures like multi-factor authentication (MFA), backups, security awareness training, and endpoint detection and response (EDR) as a pre-requisite for even offering premiums.
Read more on cyber-insurance: 70% of Cyber Pros Believe Cyber Insurance is Exacerbating Ransomware
“MFA is the most basic thing you can do, it’s like locking the door when you leave the house,” Howden head of cyber retail, Sarah Neild, told Reuters. “Cyber security is a many-layered beast. On the whole, clients are more robust.”
She added that an increase in cyber insurance products on the market is also helping to drive down prices for customers.
The global cyber insurance market is projected to be worth $91bn by 2033, at a CAGR of 22% from 2023, according to a January 2024 analysis.
Standalone cyber insurance policies apparently accounted for the vast majority (68%) of the market last year.
Organizations are increasingly turning to policies to help them mitigate the financial risks associated with rising cyber-threats and more rigorous compliance requirements.
The cost of a data breach in 2023 stood at $4.45m globally, according to IBM.
The drop in premium costs comes after surging prices in 2021 and 2022 as cyber-attacks ramped up during the pandemic.
Cyber insurance claims actually hit record levels in North America last year, according to broker Marsh.
The firm received over 1800 claims from clients in the US and Canada, more than any other year.
Around a fifth (21%) reported at least one cybersecurity event in 2023, a small increase on 2022 (18%). The share of covered companies reporting one or more cyber events has remained relatively consistent over the past five years, at between 16% and 21%.
Source link