Cyber insurance costs are going down globally, even though cyberattacks are on the rise, according to a recent report by broker Howden. The report says businesses are getting better at protecting themselves from cybercrime, leading to fewer insurance claims. This trend follows a sharp increase in cyber insurance premiums in 2021 and 2022, likely due to the rise in cyber incidents during the COVID-19 pandemic.
Howden’s report highlights that the cyber insurance market saw significant price reductions (double-digits) in 2023/24.
Stronger security measures, like multifactor authentication, are helping companies keep their data safe, ultimately reducing the need for insurance payouts.
“MFA is the most basic thing you can do, it’s like locking the door when you leave the house,” said Sarah Neild, head of UK cyber retail at Howden.
“Cyber security is a many-layered beast,” Neild added, pointing also to greater investment in IT security, including staff training.
“On the whole, clients are more robust.”
More insurance companies are now willing to offer cyber insurance, which is also driving down prices, according to Neilson from Howden, despite the continued rise in cyberattacks.
Interestingly, the report also found that global ransomware attacks decreased after Russia’s invasion of Ukraine in February 2022. This suggests that hackers in those countries may have shifted their focus to supporting the military effort.
However, the report also reveals a concerning trend. Recorded ransomware incidents actually rose 18% in the first five months of 2024 compared to the same period last year. This highlights the ongoing threat of cyberattacks despite the price decrease.
The report explains how ransomware works by encrypting a victim’s data and demanding a ransom (usually in cryptocurrency) for decryption. Business interruption is typically the most expensive consequence of a cyberattack. Still, the report finds that businesses can mitigate these costs with better backup systems, like those offered by cloud providers.
Finally, the report points out that while most cyber insurance business is currently in the United States, Europe is expected to see the fastest growth in this $15 billion global market due to lower existing insurance penetration.
The report also identified a gap in awareness, with smaller firms less likely to purchase cyber insurance, possibly due to a lack of understanding of the cyber risk they face.