Cyber Liability Insurance Trends 2022
Sr. Content Writer
Sr. Content Writer
After a challenging couple of years, we anticipate what 2022 has in store for us. On the one hand, we watched as cybercriminals took advantage of every slight vulnerability. On the other hand, companies stumbled through shifting operations and procedures with more grace than some experts predicted. Unsurprisingly, cyber liability insurance became a must-have instead of an option. So, what’s on the other side of this massive digital evolvement? Let’s review what we learned in 2021 and how those lessons will unfold in 2022.
Back when The Morris Worm unintentionally became the first Distributed Denial of Service (DDoS) attack, very few individuals imagined the threats that would soon become commonplace. Nowadays, words like “phishing” and “worms” conjure up pictures of more than a day on the lake.
Instead, cyber attacks impact businesses of all sizes daily, from global corporations to ten-person startups. Naturally, the cost of cyber liability insurance relies on various factors, including a company’s level of data protection. That said, here are a few of the most common attacks we see in today’s world:
Cyber perils are the most significant concern for companies all across the world. And for a good reason. Ransomware attacks have all but haunted executives’ dreams, not to mention the threat of IT outages and other data breaches. However, some industries are hit harder than others, whether because of targeted attacks or unique vulnerabilities. According to Forbes, here’s a look at how cyberattacks played out in specific industries:
We experienced an all-time high in cyberattacks during 2021, with Q4 taking the most blows. According to BusinessToday, cyber attacks increased by 50% in 2021 compared to the previous year. Yet, we see many of the same industries continue to be prime targets, as outlined in the graph below.
Cyber liability insurance protects companies from third-party lawsuits relating to electronic activities (i.e., data breaches, phishing scams, etc.). It also provides many recovery benefits, supporting data restoration and reimbursement for income lost and payroll spent.
As mentioned above, cybercriminals think little about your company’s size or developmental state. If 2021 proves anything, it’s that hackers will attack when they suspect the slightest vulnerability. Unfortunately, US data breaches average about $4.24 million, according to IBM’s 2021 Cost of a Data Breach Report, requiring all-sized companies to consider cybersecurity a top priority.
Additionally, many directors and officers feel increased pressure to mitigate cybersecurity better. With remote work and hybrid schedules the “new norm,” executives now face vulnerabilities never seen before. Yet, the pressure builds to maintain best cybersecurity practices throughout their employees, mainly to protect the company’s digital assets.
For example, if a data breach occurs, a shareholder’s suit may hit directors and officers incredibly hard, thus utilizing D&O insurance for cyber claims. Unfortunately, we expect this type of litigation to continue in the future.
EVP and Customer Success Manager Rachel Jenkins explains further, “We are starting to see more, still limited but increasing, cyber claims bleed into D&O through shareholder litigation as there is an increased fiduciary duty on the C-suite to maintain proper cyber controls through regulation and industry requirements.”
As with any other line of commercial insurance, cyber liability relies on a set of factors to dictate pricing trends. Although underwriting is becoming more automated, facilitating artificial intelligence and machine learning, the following factors impact this policy’s pricing.
Additionally, as we officially wrap up 2021, consider the results below regarding cyber renewal pricing changes:
Source: Cyber REDY Index from CRC Group
Cyber incidents have increased globally over the past few years. Plus, more companies than ever before are purchasing cyber liability policies, nearly doubling the number of policies in force from a mere five years ago. Naturally, we expect these events to impact the state of the insurance market.
Besides increasing demand, we see terms and conditions tightening, thus shrinking the supply as insurers and reinsurers reevaluate their risk appetite. Most insurers are more selective, requesting more documentation about a company’s cybersecurity practices. Underwriters want to know about employee training and awareness, not to mention new risks because of various operational changes brought about by the pandemic.
Unsurprisingly, the shifting cybersecurity landscape and new demands have caused premiums to increase. We will likely experience these elevated premium levels throughout 2022. Coinciding with higher premiums, most insurers have also decreased their coverage limits.
It probably comes as no surprise that some insurers have even considered whether specific coverages, such as ransomware, are worth covering anymore. Still, as these changes unfold, we have several tips to help you manage cybersecurity risks.
Dive deeply into cybersecurity so that you can follow the “keep your friends close, keep your enemies closer” philosophy. Please recognize that you might not have all the answers, and recruiting help (i.e., managed IT service provider) might be your best bet.
Keep a watchful eye on your competitors regarding what’s ailing them cyber-wise. Have they faced an attack? If so, what type of threat was it? How did they avoid it or rebound from it? This information will give you a unique and customized look into the challenges you might face.
Data protection undoubtedly falls back on the executive’s shoulders; however, the entire company must be on board with the cybersecurity culture. Employee training helps with this approach, mainly because employees are typically more willing to support cybersecurity protocols when they play a vital role.
Weak passwords caused loads of data breaches in the past year. So, along with employee training, implement a strong password program. For example, some companies require employees to change their passwords every three months or less. It’s a tiny step in the right direction that can potentially prevent a massive mishap. By setting new standards for password protection, you are also bolstering your cybersecurity company-wide.
We’ve all ignored software updates, slamming through work on less than full strength. We get lucky most of the time, and hackers miss their opportunities. But it only takes one time for an entire system or network to crash, causing delays and financial headaches. We encourage you to listen to the update prompts, whether from your programs or a trusted IT professional.
Lastly, as four-time Iditarod champion, Martin Buser says, “You’re only as fast as your slowest dog.” Regarding all the areas of vulnerability, don’t let cybersecurity be your slow-poke. Work diligently with your commercial insurance broker to tailor a policy for your company’s needs, so your coverage keeps pace with your progress.
Remember, the world as we know it can change in a heartbeat. We’ve seen this happen in real-time. It’s best to be ready for life’s curveballs, and we’re here to help you stay on top of market trends. So, join us as we roll out our Risk Management Insights: D&O Insurance Trends each quarter.
Want to know more about cyber insurance? Talk to us! Please get in touch with us at email@example.com or create an account here to get started on a quote.
Cybersecurity concerns skyrocketed during the past few years, especially for small businesses and technology companies — but how cyber literate are we really? Let’s find out!
Dark patterns are everywhere, from confusing ecommerce checkouts to unsubscribe links — and they impact data protection. Let’s talk about it.
Cyber liability insurance can seem confusing — but it doesn’t have to be. Here are several crucial cyber coverage guidelines for startups and technology companies.