I just wrapped up a sizable Cyber insurance policy renewal and based on the results of our marketing efforts, I think it’s a good indication that the market is beginning to stabilize.
The cyber insurance market has been in a hard market for the past several years.
This particular cyber insurance renewal is for a middle market company that works with Fortune 500 companies. They’re required to carry $50,000,000 in coverage by contract.
The insured’s services are viewed as a higher risk for the cyber market. It is a technology-based business that holds a lot of third-party sensitive data. They do about $75M – $80M in annual revenues. Cyber liability and data breach are definitely their primary risk exposures.
This policy renewal took 10 carriers to quota share the risk and the year-over-year premium is down in 2023 by 4-5%.
I had a feeling the renewal premium wouldn’t spike as hard as it did last year, but I was pleasantly surprised there was actually a slight DECREASE for this renewal.
The cyber insurance market is a lot like the mortgage industry prior to 2008.
Up until a few years ago, you could buy cyber insurance by providing very little information and carriers practically gave away quotes. And not very expensive ones relative to the risk.
Then hackers decimated the cyber insurance market with ransomware and social engineering attacks. Millions upon millions of claims dollars were being paid by carriers as a result.
Underwriting ultimately tightened and those looking to secure cyber insurance coverage must now show preventative measures are in place for their organizations such as data encryption, multi-factor authentication (MFA), data backups, etc.
Underwriters won’t even think twice about insuring a business if these types of measures are not in place.
Cyber insurance pricing and trends vary by company. However, in this particular case where we have a sizable middle market company with above-average cyber risk, a decrease in premium this year is a positive sign.
Let’s hope the cyber insurance market continues trending in this direction.
Each and every company/policyholder will see different outcomes with their cyber coverage and rates based on their own unique makeup. However, if you can show that your organization takes preventative measures to help mitigate cyber risk up front, you’re in a favorable spot.