A report by Reuters notes that insurers have halved the amount of cyber cover they’re providing to business customers as a result of a surge in cyberattacks – particularly ransomware.
Insurance products cover a wide range of issues resulting from cybercrime, such as ransoms, repair of hacked networks, business disruption and crisis PR. Some insurers have even branched out into new cyber products such as ID theft protection and insurance for the consumer as well as the business market (see What are CCAPS?). The UK insurance market is a major player in this sector, with Lloyd’s of London having around a 20% share of the global market. But in an indication that it lacks confidence in the cybersecurity industry’s ability to protect businesses, it is discouraging syndicate members from taking on new cyber business in 2022, according to Reuters.
Caspar Stops, head of cyber at Optio, noted that firms were reducing cover. “Limits have halved – where people were offering 10 million pounds ($13.50 million), nearly everyone has reduced to five.” This is concerning since, according to a report by Barracuda Networks, the average ransom sum per incident is now over $10 million.
It’s not only the increasing technological sophistication of attacks that’s the issue, but the sophistication of approach. Insurers say some attackers research whether potential victims have insurance and are therefore more likely to pay out.
This topic was discussed at the recent Eskenzi PR CISO forum, where CISOs noted that the rising cost of cyberinsurance was so significant that it now had board-level attention and could end up being a driver for investment in cybersecurity solutions. (According to the insurance industry, premiums have almost doubled in the US and gone up by 73% on average in the UK.) Participants in the Eskenzi forum noted that firms had been surprised how quickly cybercriminals had begun targeting newly appointed executives – which also suggests a high level of surveillance and research.
Inevitably, the level of insurance cover on offer is all about risk, and risk is changing rapidly. More people are working from home than ever before, which creates both added complexity for enterprises and a change in employee behaviour. Key to increasing security is to make it easier for homeworkers and householders to be secure, with part of the answer lying in network-based offerings such as Connected Customer Assurance and Protection Services (CCAPS), where every device connected to the home network is automatically covered and security automatically updated. This removes the effort for householders and closes the opportunity afforded to cybercriminals by the proliferation of connected devices within the home.
As devices become more secure, cybercriminals are moving on to more sophisticated social engineering attacks such as phishing – targeting the user with the aim of getting access to devices, applications, networks and data. In its recent report, Barracuda Networks explained how cybercriminals were using reconnaissance attacks to verify email addresses and engage victims in conversation. Since these emails have virtually no content and are sent out in low volumes, they’re hard for conventional phishing detectors and anomaly detectors to guard against.
Meanwhile, a new study from Avast revealed that while customers were worried about cybercrime – 69% are worried about identity theft, 67% about data leakage, 64% about ransomware attacks and 64% about stalkerware attacks – four in ten (37%) were not aware of what cyber insurance was, and most of the 63% who were aware weren’t exactly sure what it covered.
Avast’s research showed that the failure of insurance companies to target households with cyber protection meant that banks (24%), pension providers (19%), device manufacturers (19%) and service providers (17%) were stepping into the gap.
Nick Viney, SVP & General Manager at Avast, noted that his company partners with insurance providers to offer their customers personal data and identity protection along with cyber insurance. The company also offers threat intelligence feeds which insurance providers can leverage as an add-on service in order to share insights with their customers and reduce risk.
There is a clear opportunity for service providers to add cyberinsurance to their CCAPS offerings and to extend this to small business customers. Network-based security, protection of individuals and their identity, monitoring of connected objects and CPE, and detection of anomalous behaviour in the home help to minimise risk and therefore make insurance more affordable. CSPs can also provide help to recover IDs, replace damaged equipment and recover files when there is a breach. With 17% of UK customers already buying protection via their service provider, this is an interesting area where CSPs can work with insurers to provide a service that customers need at a price they can afford.