Skip to main content
The Actuary: The magazine of the Institute and Faculty of Actuaries - return to the homepage Logo of The Actuary website
  • Search
  • Visit The Actuary Magazine on Facebook
  • Visit The Actuary Magazine on LinkedIn
  • Visit @TheActuaryMag on Twitter
Visit the website of the Institute and Faculty of Actuaries Logo of the Institute and Faculty of Actuaries

Main navigation

  • News
  • Features
    • General Features
    • Interviews
    • Students
    • Opinion
  • Topics
  • Knowledge
    • Business Skills
    • Careers
    • Events
    • Predictions by The Actuary
    • Whitepapers
    • Moody's - Climate Risk Insurers series
    • Webinars
    • Podcasts
  • Jobs
  • IFoA
    • CEO Comment
    • IFoA News
    • People & Social News
    • President Comment
  • Archive
Quick links:
  • Home
  • The Actuary Issues
  • May 2022
Students

Immaterial world: risk in the cyber insurance market

Open-access content Wednesday 4th May 2022
Authors
Ciara Izuchukwu

Ciara Izuchukwu explores how recent world events have impacted and accelerated the hardening of the cyber insurance market

web_p43_Student_Immaterial-world_CREDIT_Simon-Scarsbrook.jpg

The internet is an integral part of any business, regardless of the industry you operate in. The shift to a virtual work environment for many people, and the rise in value that data can hold for its users, have forced companies to revisit their management of this increasing source of risk. There is no such thing as ‘fully secure’ in cyberspace, so companies are having to navigate the controls they have in place to mitigate and protect themselves from a cyber-incident.

Cyber risk is a complex problem for actuaries to help clients manage. It has innumerable causes and is tough to define, and there is often no single right answer. However, this does not mean it can’t be modelled and managed profitably by insurers and reinsurers. According to MarketsandMarkets, the cyber insurance sector is projected to grow from US$7.8bn in 2020 to US$20.4bn by 2025, with an annual growth rate of 21.2%. Typically, cyber insurance covers a company’s liability for a data breach involving sensitive customer information, such as social security numbers, credit card numbers, account numbers, driver’s licence numbers and health records.

As in any new insurance market, there have been teething issues. Insurers and policyholders must adjust to the constantly evolving dynamics and increasing range of cyber threats. Not only has the price of coverage surged, but the cyber insurance business model is rapidly evolving, too. With ransomware attacks on the rise, the cost of data breaches, and the constantly shifting regulatory landscape, some security experts are concerned about the sustainability of the cyber insurance market. Reinsurance of cyber insurance mitigates the risks by distributing the risk among several insurers and increasing the overall coverage pool.

The pandemic and the rapid shift to virtual working increased cyber claims frequency, and their amounts. This is apparent in the fact that 47% of individuals fall for a phishing scam while working from home. Cyber attackers saw the pandemic as an opportunity to step up their activities by exploiting the vulnerability of home workers and capitalising on people’s interest in news about COVID-19, for example, by using malicious fake pandemic-related websites. 

Political uncertainty serves as a hotbed for increased cybercrimes and, unsurprisingly, cyberattacks on businesses and government agencies have increased since the Russian invasion of Ukraine. This will be of concern to policyholders and insurers due to the increased risk of ‘spill-over’ cyberattacks.

One notorious Russian cyberattack was the NotPetya attack against the Ukrainian government in June 2017, delivered through a mock ransomware virus. This wiped data from computers belonging to banks, energy firms, senior government officials and an airport, affecting computer systems across the globe and costing billions in damages.

Cyber insurance is a key risk management tool. However, as the industry and the attacks evolve, insurance companies must take another look at the scope of the cover they offer and the terms and conditions they give to policyholders. Insurers now incur significant legal costs in clarifying cyber-policy phrasing and addressing ‘silent cyber’ issues through wording that explicitly includes or excludes certain cyber events. Traditional ‘acts of war’ exclusion clauses are drawing scrutiny due to spill-over effects from cyberattacks, so insurance companies need to look at cyber risks in a new way if they are to continue to meet the needs of the policyholder while offering a realistic product that meets minimum profit requirements.

Governments and regulators know that this area needs greater resources and effort allocated to it in order to manage the risks that companies are exposed to.

In late 2021, the UK’s National Cyber Security Centre and Financial Conduct Authority told large organisations to bolster their cyber defences, and in Europe the European Central Bank asked banks to strengthen their ‘cyber hygiene’.

Cyber insurance is still in its early days, and enterprises will require different coverage to what they have had in the past. As demand grows, rising premiums are forcing companies to implement better cyber hygiene; by itself, insurance is not a suitable or sustainable mitigation for cyber risk.

Ciara Izuchukwu is student editor

Image credit | Simon Scarsbrook
Linked ACT May22_Full LR.jpg
This article appeared in our May 2022 issue of The Actuary.
Click here to view this issue
Filed in
Students
Topics
Risk & ERM
General Insurance
Technology

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Latest Jobs

New Fast-Growing Team - Actuarial Systems Development

London (Greater)
Excellent Salary Package
Reference
143762

Actuarial Pension Consultant – Scotland/Remote – Up to £90,000 plus bonus

Edinburgh / Glasgow / Remote working
Up to £90,000 + Bonus
Reference
143761

Part Qualified Pensions Actuary– Specialised Pensions Consultancy - Scotland/Remote - Up to £70,000

Edinburgh / Glasgow / Remote working
Up to £70,000 + Bonus
Reference
143760
See all jobs »
 
 

Today's top reads

 
 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to The Actuary

Receive the print edition straight to your door

Subscribe
Spread-iPad-slantB-june.png

Topics

  • Data Science
  • Investment
  • Risk & ERM
  • Pensions
  • Environment
  • Soft skills
  • General Insurance
  • Regulation Standards
  • Health care
  • Technology
  • Reinsurance
  • Global
  • Life insurance
​
FOLLOW US
The Actuary on LinkedIn
@TheActuaryMag on Twitter
Facebook: The Actuary Magazine
CONTACT US
The Actuary
Tel: (+44) 020 7880 6200
​

IFoA

About IFoA
Become an actuary
IFoA Events
About membership

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to The Actuary Magazine
Contribute

The Actuary Jobs

Actuarial job search
Pensions jobs
General insurance jobs
Solvency II jobs

© 2023 The Actuary. The Actuary is published on behalf of the Institute and Faculty of Actuaries by Redactive Publishing Limited. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ