Moody’s Investor Services estimates that total premiums paid for protection against cyber fraud and ransomware attacks increased from $1.2 billion in 2019 to $1.6 billion in 2020. However, the increase in ransomware attacks has also led to an increase in the loss ratio, which has increased from 44 to 65% in 2020. % in 2019
Moody’s said entities that fail to adapt will be at greatest risk with increased risks across the board during the period when organizations transition to new cybersecurity procedures. Also, low cyber security coverage will have a negative impact on the credit profiles of companies.
Post-pandemic surge in ransomware attacks is responsible for the rise cyber insurance Premiums in all regions globally, as well as shrinking coverage for the industries most targeted by these attacks. Low cyber insurance coverage is a negative negative for affected entities because it restricts the availability of funds to mitigate the financial impact of a cyber attack and makes it more expensive to connect to products and services to improve cyber resilience,” Moody’s said. said.
The high loss ratio increased from 47% in 2019 to 73% in 2020 when defense costs were included, reducing profitability for insurance companies.
“Assuming an average expense ratio of 30%, the estimated combined ratio – losses and expenses incurred as part of the premium for standalone cyber insurance were above 100%, meaning the product was not profitable. As part of the cyber insurance package Sold as such, however, still generated an underwriting profit in 2020,” Moody’s said.
As a result of protecting AA profitability, insurers have substantially increased cyber insurance premiums.
For example, insurance broker Marsh & McLennan Companies, Inc. (BAA1 constant) recorded premium growth of 56% in the US, 35%-40% in the UK and 20%-30% in Latin America in Q2 of 2021, with significant growth in continental Europe and Asia-Pacific.
According to insurer Risk Placement, “industries have had the highest premium growth for entities targeted by the most ransomware attacks. In the US, entities in education, government, healthcare, manufacturing, and manufacturing have received premium increases of 300% or more.” Services Inc.,” Moody’s said.
Despite the rise in premiums, adoption of cyber insurance continues as companies see it as an essential part of their security.
“Marsh reported that its global percentage of insureds with cyber insurance increased from 26% in 2016 to 47% in 2021. For industries that are frequent ransomware targets, insurance coverage is also less comprehensive now,” Moody’s said.
In addition, cyber security insurers that limit financial impact also act as facilitators for their customers, creating incident response plans, vulnerability email alerts, external vulnerability monitoring, network security, identity and access management and educational tools. , arrange equipment for testing and evaluation. Services, in which insurers connect insureds with cyber security professionals who guide them through cyber incident response.
“Without cyberinsurance, issuers must arrange these services themselves and it may be more challenging to identify and connect to verified support services in a timely manner,” Moody’s said.