Howden Highlights Why Cyber Insurance Costs are Stabilising

In a promising development for businesses grappling with digital threats, the cost of cyber insurance is showing signs of stabilisation, according to a recent report from insurance intermediary Howden. 

This market correction comes as a welcome relief after years of soaring premiums amid a global ransomware epidemic.

"Favourable dynamics have persisted into 2024,” Sarah Neild, Howden's UK Head of Cyber Retail said following the report.

Global instability, noted by the Ukraine war, and ongoing challenges such as AI increasing the volume of cyber attacks ransomware incidents, global geopolitical instability, had created broad concern across the cyber industry about how to secure themselves in the event of an attack.

Yet, Sarah attributes this stability to more robust cybersecurity measures across the private sector.

"At no other point has the market experienced the current mix of conditions: a heightened threat landscape combined with a stable insurance market underpinned by robust risk controls," Sarah explains. "The foundations for a mature cyber market, with innovation and exposure-led growth at its core, are now in place."

Cyber insurance conditions 

This coincides with a recent survey by cybersecurity firm Sophos, which shed light on insurance as a driving factor for better preparedness. In it, it sheds light on the symbiotic relationship between insurance requirements and improved cyber defences. 

The study found that 76% of companies have enhanced their cybersecurity measures specifically to qualify for cyber insurance coverage. This trend suggests that insurance providers are effectively incentivising better security practices across the business landscape.

Chester Wisniewski, Director and Global Field CTO at Sophos, cautions that while cyber insurance is beneficial, it should not be seen as a panacea. 

"A cyberattack can have profound impacts for a company from both an operational and a reputational standpoint, and having cyber insurance doesn't change that," Chester warned.

Despite the overall positive trajectory, challenges remain. Howden reports that ransomware incidents have increased by 18% compared to 2023. 

Already, halfway through 2024, we have seen a UK hospital having to shut down over a breach, a US car dealership software provider shut down most of its operations, and one of the biggest attacks on a US healthcare provider which saw US$22m forked out to the attackers. 

Yet, despite these big headlines, the study shows fewer firms are paying ransoms, "due in large part to more effective risk controls." 

Additionally, 22% of Chief Information Security Officers (CISOs) report using Gen AI to hunt for new threats, demonstrating a proactive approach to cybersecurity and one that can upskill abilities to stop threats before they breach.

External factors

Besides better cyber hygiene and AI augmentation to detect threats, the report pointed to an expanding cyber insurance market, going beyond large corporations to include small and medium-sized enterprises (SMEs), as a reason why costs are lowering.

However, concerns about systemic cyber risks persist, particularly regarding breaches at popular third-party software providers, which smaller companies are more likely to use. 

Equally, costs have stabilised because of companies increasing cyber preparedness, the Sophos survey highlights a potential misalignment between insurance coverage and actual recovery costs. 

Only 1% of respondents who made a claim reported that their insurance carrier covered 100% of the costs incurred during remediation.

Despite these challenges, the stabilisation of cyber insurance costs and the increased focus on cybersecurity represent positive steps towards a more resilient digital ecosystem. 

As we have seen the increase of one effect the other, so too may we soon see payouts be better reflected by preparedness.

 But regardless for businesses, as they continue to invest in their defences, both to qualify for insurance and to protect themselves, the hope is that cybercriminals may find themselves at a growing disadvantage in the future.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand