Howden Highlights Why Cyber Insurance Costs are Stabilising

Share
This comes as a welcome relief after years of soaring premiums amid a ransomware surge
Cyber Insurance has often been outpacing coverage as of late due to the growing threat landscape, but a Howden study highlights why this is changing

In a promising development for businesses grappling with digital threats, the cost of cyber insurance is showing signs of stabilisation, according to a recent report from insurance intermediary Howden. 

This market correction comes as a welcome relief after years of soaring premiums amid a global ransomware epidemic.

"Favourable dynamics have persisted into 2024,” Sarah Neild, Howden's UK Head of Cyber Retail said following the report.

Global instability, noted by the Ukraine war, and ongoing challenges such as AI increasing the volume of cyber attacks ransomware incidents, global geopolitical instability, had created broad concern across the cyber industry about how to secure themselves in the event of an attack.

Yet, Sarah attributes this stability to more robust cybersecurity measures across the private sector.

"At no other point has the market experienced the current mix of conditions: a heightened threat landscape combined with a stable insurance market underpinned by robust risk controls," Sarah explains. "The foundations for a mature cyber market, with innovation and exposure-led growth at its core, are now in place."

Sarah Neild is UK Head of Cyber Retail at Howden insurance broker

Cyber insurance conditions 

This coincides with a recent survey by cybersecurity firm Sophos, which shed light on insurance as a driving factor for better preparedness. In it, it sheds light on the symbiotic relationship between insurance requirements and improved cyber defences. 

The study found that 76% of companies have enhanced their cybersecurity measures specifically to qualify for cyber insurance coverage. This trend suggests that insurance providers are effectively incentivising better security practices across the business landscape.

Chester Wisniewski, Director and Global Field CTO at Sophos, cautions that while cyber insurance is beneficial, it should not be seen as a panacea. 

"A cyberattack can have profound impacts for a company from both an operational and a reputational standpoint, and having cyber insurance doesn't change that," Chester warned.

Despite the overall positive trajectory, challenges remain. Howden reports that ransomware incidents have increased by 18% compared to 2023. 

Already, halfway through 2024, we have seen a UK hospital having to shut down over a breach, a US car dealership software provider shut down most of its operations, and one of the biggest attacks on a US healthcare provider which saw US$22m forked out to the attackers. 

Yet, despite these big headlines, the study shows fewer firms are paying ransoms, "due in large part to more effective risk controls." 

Additionally, 22% of Chief Information Security Officers (CISOs) report using Gen AI to hunt for new threats, demonstrating a proactive approach to cybersecurity and one that can upskill abilities to stop threats before they breach.

Chester Wisniewski is Director and Global Field CTO at Sophos cybersecurity company

External factors

Besides better cyber hygiene and AI augmentation to detect threats, the report pointed to an expanding cyber insurance market, going beyond large corporations to include small and medium-sized enterprises (SMEs), as a reason why costs are lowering.

However, concerns about systemic cyber risks persist, particularly regarding breaches at popular third-party software providers, which smaller companies are more likely to use. 

Youtube Placeholder

Equally, costs have stabilised because of companies increasing cyber preparedness, the Sophos survey highlights a potential misalignment between insurance coverage and actual recovery costs. 

Only 1% of respondents who made a claim reported that their insurance carrier covered 100% of the costs incurred during remediation.

Despite these challenges, the stabilisation of cyber insurance costs and the increased focus on cybersecurity represent positive steps towards a more resilient digital ecosystem. 

As we have seen the increase of one effect the other, so too may we soon see payouts be better reflected by preparedness.

 But regardless for businesses, as they continue to invest in their defences, both to qualify for insurance and to protect themselves, the hope is that cybercriminals may find themselves at a growing disadvantage in the future.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand

Share

Featured Articles

Resilience: Firms Fail to Grasp Cyber Financial Impact

Resilience and YouGov survey reveals 74% of mid to large UK businesses face cybercrime, while ransomware understanding lags behind data breach concerns

SonicWall and CrowdStrike Unite for SMB Security Service

SonicWall partners with endpoint protection specialist CrowdStrike to offer managed detection and response capabilities through managed service providers

FS-ISAC CISO Talks Cyber Strategies for Financial Providers

FS-ISAC CISO JD Denning explains the cyber strategies financial providers need to adopt in order to stay afloat in the wave of cyber attacks

Darktrace Reports 692% Surge in Black Friday Cyber Scams

Cyber Security

KnowBe4 Launches AI Agents to Counter Phishing Threats

Technology & AI

Gen Reports 614% Rise in Command Prompt Manipulation Scams

Cyber Security