Cyber insurance and the return of profitability and investment
Introduction: Ryan Griffin, a partner in the cyber team at McGill and Partners in Chicago, discusses the evolving landscape of cyber insurance. Griffin sees a return to profitability in the cyber insurance market due to changes in ransom victim behavior, tighter coverage, and higher premiums.
Changing Ransom Victim Behavior:
- Griffin cites statistics from a 2023 Coveware blog, showing a significant shift in ransom victim behavior.
- Over the last four years, the percentage of victims paying ransoms has decreased, with only 46% delivering in the fourth quarter of 2022, compared to 85% in the first quarter of 2019.
- Investments in cybersecurity have led to enhanced detection, prevention efforts, and faster recovery times, contributing to fewer ransom payments.
- Premiums have increased to account for losses, and the combination of reduced ransom payments, narrower coverage, and higher premiums is improving loss ratios.
Evolution of Cyber Threats:
- While ransom payments have decreased, cyber threats have evolved, with criminal organizations finding new ways to exploit vulnerabilities.
- Griffin mentions recent ransomware attacks on companies like Yum! Brands and Dole Foods, highlighting the ripple effects on the global supply chain.
Improved Cybersecurity Measures:
- Companies have improved their cybersecurity measures, including enhanced phishing awareness, adoption of the least privilege principle, and prioritization of immutable backups.
- These measures have become prerequisites for obtaining cyber insurance.
Addressing Aggregation Risk:
- Griffin suggests there has been an “over-weighting” of aggregation risk in the insurance industry.
- He believes that the insurance industry may underestimate the resiliency of company networks and that traditional property insurance concepts do not fully apply to cyber insurance.
Future of Cyber Insurance:
- The future of cyber insurance may include pricing plateaus, conservative coverage concessions, and growing potential for cloud outage protections.
- Some insurers are introducing common vulnerability issue lists, and coverage may vary based on the insured party’s response time to patch vulnerabilities.
- Griffin suggests that cyber insurance could benefit from adopting pre-set dollar amounts for payouts, offering peace of mind to clients and insurers.
Growing Investment in the Cyber Market:
- Griffin predicts that investment in the cyber insurance market is returning, driven by profitability and a track record of downtime metrics.
- He believes there is room for improvement in coverage and recovery, and buyers may be willing to pay higher premiums for enhanced products.