Cyber insurance market encounters ‘crisis moment’ as ransomware costs pile up

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

Written by Tim Starks

It’s a sure sign of trouble when leading insurance industry executives are worried about their own prices going up.

Two separate CEOs of major insurance giants remarked in recent weeks about a considerable jump in cyber insurance premium prices: AIG’s chief executive said rates increased by 40% for its clients, while Chubb’s chief executive said that company was charging more, too.

Rather than welcoming the trend, Chubb CEO Evan Greenberg offered a warning. Those price increases, he said, still don’t reflect the grave risk that a catastrophic cyber event poses. “That is not addressing by itself the fundamental issue,” he said.

Those are just two data points about how, in the past year, the evolution of ransomware has radically altered the landscape of cyber insurance, according to analysts inside and outside the industry. Cyber insurance covers a range of ransomware-related costs, like extortion demands, remediation efforts and other losses.

Ransomware now accounts for 75% of all cyber insurance claims, up from 55% in 2016, according to the credit ratings agency AM Best. The percentage increase in claims is outpacing that of premiums, said a June report which concluded that “the prospects for the cyber insurance market are grim.” Fitch Ratings in April found that the ratio of losses to premiums earned was at 73% last year, jeopardizing the profitability of the industry.

A lack of profitability could lead to yet more premium increases, insurers fleeing the cyber insurance market or policyholders receiving more limited coverage. Problems in the cyber insurance marketplace stand to limit its ability to be a force for effective data protection techniques in the wider private sector, as clients look to insurers for guidance on specific security tools and measures.

“For the cyber insurance market, we are in the very first and most pivotal challenge that we’ve ever had,” said Michael Phillips, chief claims officer for Resilience. “This is our crisis moment.”

There’s less agreement about what could turn things around. Some changes are underway, with…