The cyber insurance market is in the midst of a reckoning after years of low premiums and inadequate loss control have led to increasing claims frequency and severity.
Executive SummaryGoing beyond tactics like increasing the number of questions on their insurance applications, P/C insurers covering cyber risk can learn a great deal about their insureds' cultures and the commitment of insured organizations to cybersecurity through behavioral analytics tracking complacency and cyber hygiene, writes TEKRisSQ Co-Founder Bill Haber.
Now, demand for coverage is exploding―driven largely by a surge of ransomware attacks and social engineering incidents―while carriers tighten up their underwriting requirements and question if cyber can be underwritten profitably. Though it is a much more challenging segment today, if agents and carriers improve upfront due diligence to better mitigate cyber exposures, the answer is yes, the industry can be profitable in this segment.
But first, the industry must acknowledge it doesn’t fully understand this risk. Insurers need to find ways to better identify the true cyber risk profiles of their insureds, verify the level of cybersecurity resilience in place, and monitor the pace and culture with which these organizations drive resilience on a regular basis. This means more industry collaboration and investing in outside expertise and tools to ensure the long-term viability of the cyber market.