The $10 billion cyber-insurance industry sees a dangerous year in cybercrime ahead. AI, ransomware, and war are its biggest concerns

/in


It’s rare to find an insurance policy against war breaking out, but there’s a $10 billion market for cyber-insurance that guards against the threat of ransomware attacks. With the world as violent and turbulent as it is right now, though, lines between the two are blurring.

The ongoing wars in Ukraine and Gaza have insurers on such high alert that many simply aren’t offering coverage any longer, on top of which AI is creating new and unpredictable cybersecurity risks. And insurers expect a “significant” increase in hacks in 2024, to boot.

Those were the three key findings of a new report on cyber-insurance trends from consultancy Woodruff Sawyer. Insuring against cybercrime has grown from a tiny niche to a $10 billion market, with firms that offer coverage ranging from small specialty carriers to household names such as Chubb and Travelers. They offer coverage for losses incurred relating to companies’ IT and computer systems—for example, if companies are hacked and lose data or have to pay ransoms to get it back.

Woodruff Sawyer surveyed over 40 of its clients and found that the industry has a gloomy outlook this year: 56% of respondents said they believed cyber risk would “increase greatly” in 2024. They pointed to ransomware and war-associated risks as two of their biggest concerns.

“If you have an attack that is part of a war campaign, it can affect private companies across the globe that have nothing to do with war,” said Woodruff Sawyer national cyber practice leader Dan Burke in an interview with Fortune. “That is the true risk that’s elevated by conflict and war and geopolitical tension. That’s really what underwriters are mostly concerned about.”

A famous example of this type of ransomware attack was a virus called NotPetya, which circulated in 2017. Originating in Ukraine, it quickly went global and compromised the computer systems of dozens of companies, including drug giant Merck and shipping company Maersk. The White House estimated it caused $10 billion in damages.

“The NotPetya attack was a Russian-based attack against an accounting software in Ukraine. And it turns out that that specific piece of software was used by multinational…

Source…