Skip to main content
The Actuary: The magazine of the Institute and Faculty of Actuaries - return to the homepage Logo of The Actuary website
  • Search
  • Visit The Actuary Magazine on Facebook
  • Visit The Actuary Magazine on LinkedIn
  • Visit @TheActuaryMag on Twitter
Visit the website of the Institute and Faculty of Actuaries Logo of the Institute and Faculty of Actuaries

Main navigation

  • News
  • Features
    • General Features
    • Interviews
    • Students
    • Opinion
  • Topics
  • Knowledge
    • Business Skills
    • Careers
    • Events
    • Predictions by The Actuary
    • Whitepapers
    • Moody's - Climate Risk Insurers series
    • Webinars
    • Podcasts
  • Jobs
  • IFoA
    • CEO Comment
    • IFoA News
    • People & Social News
    • President Comment
  • Archive
Quick links:
  • Home
  • The Actuary Issues
  • December 2019
12

Breaching digital risks

Open-access content Thursday 5th December 2019 — updated 2.53pm, Friday 1st May 2020
Authors
YAFFA COHEN-IFRAH

Yaffa Cohen-Ifrah explores how cyber insurance challenges can be overcome

2

As rapid digitisation and data collection comes to define the modern economy, the issue of cybersecurity has come to the fore, with a new breed of innovative software companies marketing their security solutions to enterprises, small and medium businesses and ordinary citizens keen on protecting their assets.

However, the cybersecurity industry took root in a very different world to the one we live in now. The magnitude of our cyber vulnerabilities has soared in tandem with the sheer volume of data and assets that now exist in cyberspace. This has given rise to an entirely new market - one designed to better gauge risks and utilise cyber best practices. 

Despite the preparation, organisations must be ready for doomsday scenarios. By next year, the global cyber insurance market will reach up to $9bn, compared to less than $4bn in in 2017, according to projections from Munich Re. The market's exponential growth underscores the surging demand for solutions that not only help spur stronger cyber protection, but also minimise the impact of attacks. The market's maturation, and strengthening of clients' cyber readiness, will require insurers to address early challenges that make modelling risk more difficult than in other insurance verticals. Fortunately, these challenges are far from insurmountable.

Growth of cyber insurance

The 2013 Target data breach offers a case study on how cyber insurance can significantly limit the damage done to a business's bottom line. While the retail giant reported $61m in costs stemming from the breach, the company's insurance policy covered $44m of those losses - a loss reduction of 72%. The hefty payout highlighted the benefits of cyber coverage for clients. However, as more businesses purchase coverage, how can insurers formulate cyber policies that reflect the unique risks and vulnerabilities faced by each potential client?

A look at the trajectory of cyber insurance premiums shows the volatility of risk pricing. Cyber premiums are increasing three times faster than general property and casualty insurance premiums. On the one hand, this is hardly surprising given the mounting vulnerabilities of the digital age. There's another major factor driving high premiums, though: insufficient and inadequate data.

The relative dearth of historical data, and the difficulty of assessing clients' true cyber vulnerability - in part because organisations aren't always legally obligated to disclose cyber incidents if they don't affect consumers - can make pricing cyber risk feel like guesswork. But it doesn't have to be.

Insurers should start by leveraging accumulated data, which can provide illuminating insights into the scope and variety of threats. In 2017, Symantec revealed that there were a staggering 357m malware variants based on an examination of 225m devices across 157 countries. Using such accumulated data, insurers can better understand cyber risk and then model the impacts of different attack scenarios.

Additionally, rather than relying on clients to self-report information via lengthy questionnaires, insurers can gain better visibility into organisations' risk exposure by working alongside clients to conduct comprehensive inventories of their networks and digital assets - recommending products and processes for mitigating risk, and developing action plans to guide the client's response in the event of a breach. What holds true of cybersecurity generally also applies to cyber insurance: true protection for insurers is only possible with maximum visibility and continuous monitoring of threat. 

Amid digital transformation and breakneck innovation, today's companies are looking for one thing above all when it comes to cybersecurity: assurance that their IT infrastructures are well-fortified and that their organisations have plans in place to contain the fallout, should bad actors strike. While each organisation must remain vigilant in the face of cyber threats, cyber insurers can bring unparalleled technical expertise and risk analysis to bear, ensuring that clients aren't flying blind in the often-stormy skies of cyberspace.

Ultimately, the cyber insurance market's legitimacy will be established by concrete results - not only in terms of attacks prevented, but also in payouts that reduce businesses' net losses following a breach. Crucially, because cyber insurers have a vested interest in keeping cyber incidents to a minimum, they will be key drivers of organisational change and improved cyber practices. Harmonising financial incentives with clients' security will be a true win-win.
 

Yaffa Cohen-Ifrah is CMO and head of corporate communications at Sapiens

 

The Actuary December 2019
This article appeared in our December 2019 issue of The Actuary.
Click here to view this issue
Filed in
12
Topics
Risk & ERM
General Insurance
Technology

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Latest Jobs

Catastrophe Modelling Analyst - London Market Broker

London, England
£40000 - £50000 per annum
Reference
145925

Senior Catastrophe Analyst

England, London
£65000 - £75000 per annum
Reference
145924

Life Actuary - Financial Reporting - Day Rate contract

Negotiable
Reference
145923
See all jobs »
 
 

Today's top reads

 
 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to The Actuary

Receive the print edition straight to your door

Subscribe
Spread-iPad-slantB-june.png

Topics

  • Data Science
  • Investment
  • Risk & ERM
  • Pensions
  • Environment
  • Soft skills
  • General Insurance
  • Regulation Standards
  • Health care
  • Technology
  • Reinsurance
  • Global
  • Life insurance
​
FOLLOW US
The Actuary on LinkedIn
@TheActuaryMag on Twitter
Facebook: The Actuary Magazine
CONTACT US
The Actuary
Tel: (+44) 020 7880 6200
​

IFoA

About IFoA
Become an actuary
IFoA Events
About membership

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to The Actuary Magazine
Contribute

The Actuary Jobs

Actuarial job search
Pensions jobs
General insurance jobs
Solvency II jobs

© 2023 The Actuary. The Actuary is published on behalf of the Institute and Faculty of Actuaries by Redactive Publishing Limited. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ