By Max Dorfman, Research Writer, Triple-I
Direct written premiums for cyber policies grew sharply in 2021 from 2020, spurred by claims activity and cyber incidents. According to a recent analysis by S&P Global Market Intelligence, direct written premiums nearly doubled, to approximately $3.15 billion in 2021, from $1.64 billion the previous year. Direct written premiums for packaged cyber insurance rose approximately 48 percent, to $1.68 billion in 2021 from $1.14 billion in 2020.
The average loss ratio for stand-alone policies decreased to 65.4 percent in 2021, from 72.5 percent in 2020, while they significantly grew premium. Analysts believe this might be a sign that insurers are becoming more disciplined and conservative in their cyber underwriting. Still, Fitch Ratings analysts noted that cyber insurance is the fastest-growing segment for U.S. property and casualty insurers, with prices increasing at “considerably higher” speed than other commercial business lines.
Cybercrime is increasing
According to the FBI’s Internet Crime Complaint Center (IC3) 2021 Internet Crime Report, the department had 3,729 ransomware complaints, with over $49.2 million of adjusted losses. In total, there was $6.9 billion in losses coinciding with more than 2,300 average complaints daily. The most common complaint was phishing scams, demonstrating a trend that has continued for some time.
Indeed, several data points demonstrate the increasingly dire situations organizations face when it comes to cyberattacks, and the need for businesses to become more vigilant. These include:
According to one analysis by Fortune Business Insights, the compound annual growth rate of cyber insurance could increase by 25.3 percent from 2021 to 2028, with the market growing to $36.85 billion.
However, Tom Johansmeyer, a cyber insurance expert, told Harvard Business Review in March 2022, “Cyber insurance is harder for companies to find than it was a year ago – and it’s likely going to get harder. While cyber insurance is becoming more of a must-have for businesses, the explosion of ransomware and cyberattacks means it’s also becoming a less enticing business for insurers.”
Organizations should combine these policies with a strong cyber security plan to fully safeguard against the possibility and consequences of a breach.