Stricter policy language, pricing increases and more scrutiny at policy inception made for a tumultuous couple of years in the cyber insurance market. Despite this, 36 percent of Marsh’s clients reported buying cyber insurance in 2022, up from the 33 percent that purchased it a year prior, a newly released Marsh’s U.S. Cyber Purchasing Trends report found.

Companies with greater than $1 billion in annual revenues are more likely to purchase cyber insurance than companies with lower revenue. Larger companies tend to have more robust tech systems in place, along with a strategy for handling cyber-related threats.

Lloyd’s of London mandated new war exclusion, effective March 31, 2023, has companies thinking about insurers’ approach to war and the potential catastrophic risk.

Cyber insurers have turned their focus to potentially catastrophic cyber risk, the reported noted, “including fallout from geopolitical conflicts and corresponding nation state activity, changing policy exclusions and the possible impact from single points of failure.”

“The increase in the number of organizations purchasing coverage is a positive trend, reinforcing the view that insurance is an important part of a holistic cyber risk management strategy. Buyer uncertainty still remains, however — namely around war, cyber operations, and systemic/catastrophic risk exclusions,” said Greg Eskins, U.S. cyber product leader.

Marsh found a significant shift in purchasing in 2022, related to how clients made coverage purchasing decisions and managed their cyber insurance programs.

Clients generally continued to increase their self-insured retentions (SIRs) early in 2022. As the market improved and pricing stabilized throughout the year, there began to be a decrease in SIRs as coverage became more available and affordable, a trend that has continued into 2023, according to the report.

The percentage of clients purchasing higher limits increased as SIRs declined, from 10 percent in the second quarter of 2022 to 16 percent in the fourth quarter, the report noted. “Rising competition among cyber insurers — driven in part by improvements in potential clients’ cyber controls — positively affected pricing for clients seeking to increase limits.”

Desiring more control of their cyber programs, the number of Marsh-managed captive insurers writing cyber coverage increased 75 percent.

“Captives have become an incredibly useful tool for organizations over the last couple years as they’ve grappled with difficult cyber market conditions,” said Ellen Charnley, president of Marsh Captive Solutions. “In some cases, organizations are funding their entire cyber risk into a captive, but more often they are using cell captives to fund different layers within their larger cyber program.”

Buying trends varied by industry. Clients in the education industry reported the highest take up of cyber insurance than any other industry, at 60 percent. Healthcare ranked second at 56 percent.

Those clients in the life sciences industry and financial institutions also report a significant boost in the rate of cyber insurance purchases, at 20 percent, over a three period from 2020-2022.

Cyber rates in the U.S. continued to decline from December 2021 highs: 17.1 percent (Dec. 2022) vs. 133 percent (Dec. 2021), according to the report.

“The U.S. cyber insurance market continues to stabilize. Barring unforeseen events, we expect to see continued deceleration of rate increases for the remainder of 2023, especially for organizations with good cyber hygiene and loss histories,” said Meredith Schnur, Marsh’s U.S. cyber brokerage leader.

Ransomware-related claims increased 77 percent during the first quarter of 2023, while privacy-related claims increased by 85 percent during the same period.

The decrease in attack frequency, including international sanctions in response to Russia’s invasion of Ukraine, which hindered ransom money movement, were noted as contributing to the decline in ransomware attacks in 2022.

This year, however, new ransomware groups emerged at the same time as “established threat actors executed mass ransomware attacks,” the report stated.

As risk complexity grows, Marsh views the continued increase in cyber insurance coverage as a positive, highlighting organizations’ view of the importance of cyber resilience.

Cyber risk management is best handled holistically through a variety of measures such as predictive aggregation models, cyber insurance, and through information sharing among private and public sector members, the global insurance broker noted.