Insurance broker Marsh has published an article on "What's Trending in Cyber Insurance?" as of the first quarter of 2022. Here are the trends they see:
- Cyber insurance has developed from a niche product into coverage for a broad array of digital risks. It has paid claims and enabled organizations to take risks as they innovate and digitalize their business. As coverage broadens, insurers are concerned about accumulated exposures and systemic risk. They are revising their strategies to meet these concerns.
- Underwriting requirements have tightened with more detailed applications. . Organizations with poor cyber hygiene will pay higher premiums or lose coverage.
- Scope of coverage is being limited for ransomware, contingent business interruption and liability for business decisions concerning collection and use of personally identifiable information. Exclusions for infrastructure, natural perils, government action and war are broader.
- Insurers are applying sublimits and coinsurance to ransomware. Some limitations may go beyond ransomware payments and business interruption to affect the entire policy.
- New and proposed regulations may lead to coverage cutbacks, such as exclusion of BIPA claims.
- Risk from third party suppliers or vendors mean organizations need to manage this exposure to maintain broad coverage.
- Systemic risk of cyber attacks impacting many stakeholders may lead to insurance restricted to limited scope rather than catastrophic events.
- Insureds and insurers need to balance their needs and expectations. Insurers must be transparent, and insureds must commit to cyber resilience.