
Why the hardening of the cyber insurance market is booming

Dominic Trott, UK product manager, Orange Cyberdefense

In some ways, last year was the worst year ever for cyberattacks. According to data, the number of cyberattacks targeting organisations climbed by 13% between 2020 and 2021 on a global scale, with manufacturing, professional services, and retail being the hardest hit. Indeed, it has been difficult to avoid hearing about ransomware attacks in the last year, so it is no wonder that malware attacks – including ransomware – climbed by 18% over that time.

The recent Russian invasion of Ukraine was significant for both military and cyber attacks. Bad actors have deployed destructive malware in Ukraine to destroy computer systems and render them useless. The threat of attacks on essential infrastructure such as healthcare, energy, and water is growing as the invasion progresses.

Evolving landscape 

Despite a recent increase in the number of reported cyberattacks, the UK National Crime Agency believes that incidents are still significantly under-reported, since businesses rarely have reliable information about what happened and when.

It is also not necessarily the case that the number of malicious actors is growing; rather, the scale on which they operate has grown dramatically. The change is not only in scale but also in how hacks are carried out, with a clear ‘hack to cash’ structure in place and few criminals arrested.


As this nefarious business has grown, so has a beneficent counter-industry, as cybersecurity specialists have committed more time and money to keeping ahead of the curve.

One of the most significant challenges facing today’s security value chain is that cyber insurers and cybersecurity incident response teams (CSIRTs) are competing for the same funding among clients. Thankfully, the market has progressed from the scenario five to ten years ago, when some less developed organisations would lump security products and services in with other expenses.

This development has been fueled by cyber insurers’ increasingly prescriptive approach to the baseline security procedures they need to see in place before providing coverage. Cyber insurance and incident response functions, on the other hand, should be viewed as stakeholders in a team that must collaborate. One is required to analyse, manage, and avoid cybersecurity-related events, as well as to coordinate incident response operations after an event has occurred; the other is required to seek financial compensation once the event has ended and the harm has been correctly assessed.

Mind The Gap 

CSIRTs can potentially bridge the gaps in circumstances where organisations are left exposed in their preparedness as the cyber insurance market evolves and hardens in response to an increase in losses and economic stresses such as COVID-19.

Given that many cyber insurers are seeing their expenses climb in tandem with the evolving threat landscape, they are appropriately seeking ways to bring these costs back under control. There are three main themes to this strategy, among other things: to properly quantify the risk levels of their consumers; to become more explicit about the security tools and services policyholders are expected to use in order to qualify for coverage; and to get more specific about what does and does not fall within their policies’ coverage. The increased volume of cybercrime perpetrated by foreign governments is a good example of this last issue. If cybercrime is determined to be state-sponsored, cyber insurers are increasingly deciding that it should be classified as an “act of war” and hence not covered by insurance.

The dramatic increase in cyber insurance premiums serves as a wake-up call for the entire industry to collaborate more effectively. Both cyber insurers and CSIRTs are equal partners in the cyber insurance ecosystem and should work together to create a mutually beneficial equilibrium. Regardless of whether or not they have separate cyber insurance coverage to reduce their risks, cybersecurity is and should be a top priority for all CEOs.

The present hardening market then plays a critical role in catalysing positive change in the ecosystem, which will lead to greater resiliency and sustainability for everyone.
