Cyber insurance, while still a relatively new market, initially experienced years of rapid expansion with relatively low losses. The boon resulted in expanding coverage, falling rates, abundant capacity, and the ability to evolve to battle existing and emerging cyber threats. But it appears those days are over — for now.
Towards the end of 2019, the industry saw an increase in the frequency and severity of cyber claims. This put pressure on carriers moving into 2020, coupled with increased regulation at all levels of government. Last year the industry saw the first real signs of a hardening market, resulting in increased underwriting scrutiny and increased premiums.
Despite changing market conditions, Coalition remains an industry leader, with lower claims frequency and loss ratio when compared to other carriers. While other companies are making drastic changes (at the expense of brokers or policyholders), we are holding strong.
What does this mean for today’s market? Why are we experiencing this now? How is Coalition reacting to the shift? And what does it all mean for cyber insurance buyers in 2021 and beyond?
The current state of the cyber insurance industry
In 2020, as many businesses were forced to transition to remote work, they often settled into the ease and reliability of remote working environments. Because there was a rush to get up and running quickly during the pandemic, security risks were overlooked. It’s easy to forget that what makes it easier for employees to access their accounts and sensitive information also makes it easier for hackers to target and access the same information.
While the threats of business email compromise, social engineering, and funds transfer fraud are still very much present, the cyber insurance community agrees that the hardening of the market is primarily being driven by ransomware attacks. Hackers are getting more specific about who they target, the amount of the ransom they hope to collect, the complexity of the attacks, and the sophisticated ransomware variants they use to execute them.
We’ve seen a sharp increase in ransom demands over the past year as threat actors have exploited COVID-19 and changes in company operating procedures. Although the frequency of ransomware claims for Coalition policyholders decreased from 2019 to 2020, we’ve observed a dramatic increase in the severity of these attacks. The ransom demands are higher, and the complexity and cost of remediation is growing. The average ransom demand amongst our policyholders increased 195% from 2019 through 2020, with the average ransom demand reaching over $300,000.
Ransomware attacks often result in significant interruptions to ongoing business activities, and the process to recover and restore business operations, even when system backups are readily available, can be complex and expensive. What’s unfortunate is that small and midsize businesses are impacted more often than larger organizations — and they are the least able to defend themselves and bounce back quickly. According to Coveware, 70% of ransomware attacks are aimed at organizations with less than 1,000 employees.
It all comes down to underwriting
After years of profitability, insurance companies are experiencing more claims than ever. It’s these claims, including multi-million dollar payouts, that have hardened the market. But there is something larger at play here. These losses, accelerating by the pandemic, have exposed a phenomenon of ineffective underwriting.
We used to underwrite primarily towards mitigating privacy and social engineering losses. These tended to be easier to underwrite, with fewer risk-mitigating mechanisms. There was a certain simplicity to it. As the claims evolved and the tactics shifted to ransomware, things got incredibly complex. These sophisticated attacks involve multiple entry points that require tremendous knowledge regarding data, networks, and employee education.
The industry was essentially ill-equipped to underwrite for ransomware. As the industry saw more claims than expected, the market began to harden, increasing premiums and reducing coverage. Only entities who feel they can underwrite appropriately, especially when it comes to ransomware, are likely to prevail in the long term. Coalition’s innovative approach to underwriting is what has helped us navigate and succeed despite these changes in the market.
In fact, Frost & Sullivan recently awarded Coalition the 2021 North American Technology Innovation Leadership Award for cyber insurance. Our differentiated underwriting capabilities and unique risk management offerings have established us as an industry leader in the cyber insurance market. We not only help our clients recover from cyber attacks — we proactively help prevent them.
Coalition remains competitive despite hardening market
We’re proud of our underwriting process and constantly looking for new ways to improve it. In fact, we have nearly 100 people dedicated to doing just that. We are efficient and highly effective. We have practices in-house that we’ve always done that play to our strengths: detecting remote access, email security, and employee training.
We’ve only slightly increased our pricing to meet the rising tide, while we’ve seen other markets double or even triple their rates. In fact, we’ve seen other markets increase their prices by as much as 30-50% while materially reducing coverage. We value our mission to help solve cyber risk and protect our customers at all costs. As a result, we’ve had zero changes in underwriting appetite, limits, or levels of coverage.
What does this mean for cyber insurance buyers and brokers in 2021?
The current state of the cyber insurance market is concerning. And as other markets have pulled back coverage and increased prices, we still see opportunities for cyber insurance buyers to access better coverage and more attractive pricing. They just need to take cyber risk management seriously. Coalition continues to lead the market by offering better prices and better coverage for organizations that implement strong security controls.
In the past year, Coalition launched several new services and software products to help our policyholders proactively manage cyber threats — including pre-breach services, employee training, incident response planning, compliance assistance, and IT services.
If you take cyber risk seriously and want to follow simple steps to better protect your organization from malicious actors, download the 2021 Coalition Cybersecurity Guide.