2021 Predictions: Cyber insurers will be on the front line in defending against digital threats

The cyber insurance market is currently at the most challenging point in its history due to a marked increase in the severity of losses being experienced, and driven almost entirely by bigger ransomware events.

Prior to 2018, ransomware threat actors rarely exercised victim profiling and tended to issue nominal demands that remained constant regardless of the size of the victim organisation. But over the past two years this has changed dramatically with the increasing popularity of ransomware variants which have been developed for more targeted attacks and where demands are set according to the victim’s perceived ability to pay.

The net result has been an increase in the value of ransom demands as threat actors are recognising that they are able to extort more money from victims than previously, which in turn has led to more victims seeking reimbursement for a variety of costs under their cyber insurance policies. Six and seven figure claims payments are now a frequent occurrence.

These events are starting to drive change in the market. Cyber insurance rates are increasing significantly for the first time in years in direct response to the shifting claims environment, whilst some insurers are starting to apply sub-limits and co-insurance with respect to ransomware related coverage items.

Despite these changes, cyber insurers with size, scale and experience in the sector seem to be well placed to help their customers navigate the challenges that the heightened threat environment presents.

There has been an increasing trend amongst the longest established cyber insurers to build large in-house cyber security teams, which have become first responders for thousands of organisations being hit with potentially catastrophic cyber attacks.

At CFC we are also seeing a move amongst cyber insurers to provide proactive threat alerts to their customers in real time, warning them of vulnerabilities on their network that have a high probability of leaving them open to attack. Cyber insurers are going to play an increasingly crucial role in this kind of risk mitigation activity.

While ransomware will continue to be the greatest digital threat that most organisations face in 2021, this won’t always be the case. As the cyber market continues to mature, cyber insurers no longer view their role as simply being there just to create policy wordings and reimburse financial loss. More will seek to carve out a central role in not only being the first line of defence for customers, but also in identifying what the next big threats are and ensuring that their customers are protected before the worst happens, not just afterwards.

Throughout this year, I see cyber insurers investing more in their in-house claims and security teams and investing more in their technology and infrastructure that will allow them to communicate threat alerts rapidly to their customers -- and then, of course, helping them to address these threats.

    Share Story:

Recent Stories


Financial institutions were early adopters of cyber security and insurance. Are they still on top of the game?
Managing huge amounts of sensitive data online makes financial institutions a prime target for hackers. As such, the sector was an early cohort for insurers in creating cyber cover. Since then, the market has evolved almost beyond recognition. It continues to challenge itself to this day, complying with rigorous regulatory demands and implementing avant-garde enhancements to keep abreast of the ever-changing risks. Published June 2021

Manufacturing: An industry at risk amid great technological change
Of the many sectors of business, manufacturing companies are among the most at risk from cyber threats. How has the sector evolved to make it so vulnerable and what does the task of managing cyber exposure in a manufacturing company look like? CIR’s latest podcast with Tokio Marine HCC sought to answer all these questions and more. Published April 2021

Advertisement