Over the last year, a steady decline in premium rates has made cyber-insurance coverage more accessible and affordable for organizations of all sizes.
The primary driver behind this decrease is the increasingly competitive marketplace, with more insurance companies offering coverage for cybersecurity incidents such as ransomware attacks and data breaches. Additionally, improved cyber hygiene among insured organizations has contributed to the lower rates, according to a recent report from London-based Howden Insurance.
Howden's report highlighted a 15% reduction in average cyber-insurance premium rates in 2023 compared to the previous year. This decline follows a two-year period from December 2020 to December 2022 when rates surged due to a significant increase in ransomware-related claims.
Sarah Neild, head of cyber retail, UK, at Howden, stated, "Favorable dynamics have persisted into 2024, with the cost of cyber insurance continuing to fall despite ongoing attacks, heightened geopolitical instability, and the proliferation of GenAI. At no other point has the market experienced the current mix of conditions: a heightened threat landscape combined with a stable insurance market underpinned by robust risk controls."
Howden’s findings are echoed by US-based Aon, which reported a 17% decline in premium rates in 2023 compared to 2022. Aon also anticipates stable pricing through the end of the year due to ample capacity and a competitive market environment. Aon’s analysis showed that a rise in ransomware and other cyberattacks, alongside heightened regulatory reporting requirements, has increased interest in cyber insurance among organizations.
Shawn Ram, head of insurance at Coalition Insurance, noted that premium rates have declined even as cybersecurity-related claims have risen over the past year. "In 2023, overall claims frequency increased 13% year-over-year, and overall claims severity increased 10% YoY, resulting in an average loss of $100,000. Claims frequency increased across all revenue bands, with businesses between $25 million and $100 million in revenue seeing the sharpest spike — a 32% YoY increase." Despite the increased claims activity, pricing for cyber insurance remains stable due to the robust capacity in the market.
Insurance companies have become more adept at evaluating cyber risk, says Andrew Braunberg, an analyst with Omdia. "Carriers are getting a lot smarter in how they assess the cyber risks of prospects and the way they write up coverage," he explains, adding that insurers now conduct more thorough risk assessments and expect proactive security technologies to be in place.
Howden expects demand for cyber insurance from small and midsize enterprises (SMEs) to drive growth and price stability in the market over the next few years. SMEs, which contribute nearly half of the GDP in major economies, represent an underserved demographic offering significant growth opportunities for insurers and brokers. The market is also projected to expand significantly as insurance companies look to grow outside the US, which currently accounts for two-thirds of the global market.
Xing Xin, CEO and co-founder of cyber insurer Upfort, believes that while there are enough insurers eager to write more business around cybersecurity to keep prices stable for now, increased claims frequency and severity may eventually impact underwriting and rates. "A widespread cybersecurity issue that systemically triggers a high count of policies could reverse the current trend, leading to accelerated rate growth," he cautions.
By leveraging these insights, Elivaas can stay ahead in the rapidly evolving landscape of cyber-insurance, ensuring robust protection for their clients and continued market leadership.