The pandemic and the massive transformation of the work model are expected to increase in growth of hacker attacks. Currently, the highest number of ransomware attacks has been recorded so far. How does the reduced level of cybersecurity translate into the availability and price of insurance in case of cyber risks?
Global cost growth
Willis Re's latest estimates prove that with cyber risk reinsurance, rates have increased by 40 percent. What's behind it? The company cited larger policy withdrawals as ransomware attacks as the main reason for the increase in costs. In the event of an attack of this type, cyber criminals block access to the computer system or take away the ability to read the saved data. They usually demand a ransom for restoring the original state. In light of the growing number of hacker attacks, the question arises whether insurers should not stop including cyber risk insurance in their offers.
This situation has a direct impact on the Polish market, where cyber insurance is offered in two models - one based on reinsurance contracts, the other offering reinsurance products in as part of the functioning of branches of global insurers. Both models are based on the situation on the international market, which directly translates into an increase in premiums in Poland and a transformation of the approach to risk analysis.
Transforming the approach to risk
New methods of insurers in relation to cyber risk policies began to appear in 2020, when the number of ransomware attacks began to increase rapidly. Risk assessment is a particularly difficult topic – approaching risk requires an in-depth analysis of the situation and creating specific models for this situation. Affected by the financial consequences of ransomware, insurers began to reduce the risky approach by adopting many new solutions, including introducing a sublimit for protection against cyber risk, forcing or increasing the deductible. Some of insurance companies even denied offering these insurances.
Nevertheless, given the organizational crisis that hacker attacks entail, cyber-polises on the Polish market still include payouts in this respect. There is a need to reconcile the interests of the client with the possibilities of the insurance market.
Meanwhile, the demand for cyber-polises is growing at a surprisingly fast pace and it should be perceived as accommodation to changing global market. Despite the increase in costs, companies are looking for more and more limits. Taking advantage of the situation, many companies are expanding their protection package for small and medium-sized businesses with cyber insurance, guaranteeing support in the crisis, compensation for loss of profit and expenses to sustain the company, and to cover the costs of claims. For large enterprises, however, protection is particularly limited.
Prevention turns out to be the key: regular backups and their verification, saving data on external drives and storing them in a separate location guarantee minimizing the likelihood of attacks .