While the risks continue to rise, investment in cyber defences enables businesses to secure cyber insurance at a more competitive rate

The growing threat of cyber attacks is having an impact on businesses across the country, with many now looking to invest in their security to bring down the cost of cover – which remains the biggest barrier to purchase.

Cyber defence firm Sophos published the results of a new survey last month, which found that 97% of those with a cyber policy were invested in improving their defences to help with insurance costs.

cyber insurance

Its research also found that 76% of surveyed businesses said this investment had enabled them to qualify for coverage, while 67% said they had achieved better pricing and 30% had secured improved policy terms.

However, the survey also revealed that recovery costs from cyber attacks were outpacing insurance coverage.

Only one percent of those that made a claim following a cyber incident said that their carrier had funded 100% of the costs incurred. The most common reason for the policy not paying for the costs in full was because the total bill exceeded the policy limit.

The biggest issue, it seems, is businesses’ failure to implement basic cyber security best practices. Insurers still view the cyber market as one of opportunity, despite the softening of rates and a rise in claims.

Huge opportunities

This week, broker Howden said that the cyber market offered huge opportunities, with non-US territories predicted to account for 54% of the growth in this line up to 2030.

Howden recognised that the market faces challenges, with claims frequency having risen 18% so far this year on already elevated 2023 levels.

The good news is, however, that fewer companies are being forced to pay a ransom, due in large part to more effective risk controls.

The ongoing geopolitical crises have ensured concerns about systemic risk continue to hang over the market and recent events have only highlighted the inherent risk of aggregation across multiple organisations via a single point of failure.

The bottom line is that while the risks continue to rise, the ability of brokers and insurers to grow the market in key areas, such the SMEs, remains an uphill battle.

The increased use of artificial intelligence may well act as a further trigger for business recognition that the risks to their future operations are increasing and that they need to get a better grip in the threat that cyber criminals pose.

However, insurers find themselves in a situation where the costs of cyber cover are still being cited as a barrier to purchase, while the risks the product mitigates demand a technical premium that continues to make insureds think twice.

Given the ever greater role technology plays in business of all types and sizes, the industry is right to see cyber as a class of real opportunity.

However, the disconnect between business understanding of the threats and the recognition of the role insurance can play remains all too evident.