The cyber insurance market in the United States has evolved dramatically in the past few years. After significant escalation in the frequency and severity of cyberattacks, especially targeted attacks involving ransomware and sophisticated social engineering scams, cyber insurers have started to raise their guard. Carriers have reacted by seeking more rate, increasing deductibles, introducing stricter underwriting criteria, and some have even started to sub-limit ransomware and apply co-insurance provisions, forcing insureds to share more of the risk.
“This is a very dynamic marketplace with respect to the changes that are being made. Different markets are taking different approaches, and they’re pushing pricing up at different rates,” said Christopher Keegan (pictured), senior managing director, cyber and technology practice leader for Beecher Carlson, a Brown & Brown Company. “Some parts of the market are implementing co-insurance, others are opting to sub-limit ransomware coverage […] and there are other markets that are still providing full capacity for ransomware attacks, but they might be approaching the risk in a slightly different way by pushing up retentions.”
All of these changes are keeping brokers and agents on their toes. In such a dynamic marketplace, it really does pay to look around at multiple players to see who can offer the most favorable solutions, according to Keegan. Furthermore, brokers and agents are having to work a lot harder to access large limits, often requiring double the number of carriers on a coverage tower to reach the required level of limit for large accounts.
Brokers and agents are also having to encourage insureds (if they haven’t already done so) to implement cybersecurity controls, such as multi-factor authentication, file encryption, immutable back-ups, and utilizing endpoint detection and response tools in order to mitigate their cyber risk and appear in the most attractive light to the increasingly cautious underwriting community.
These days, most carriers will help insureds with cyber risk prevention and remediation by offering value-added services with their policies. When asked whether these services heavily influence what markets he’ll approach for clients, Keegan said they “definitely have an impact” but they’re part of a trio of factors that are “really critical” in that decision.
Read more: Cyber insurance claims explode in severity
“Those value-added services are certainly helpful and impactful in terms of helping our clients respond to cyberattacks and limit the damage that’s done,” Keegan told Insurance Business. “But in this market, when we’re seeing premiums go up and coverage being limited, the key factors at the end of the day continue to be the traditional key factors of price and coverage terms and conditions – they’re probably still weighing more heavily for brokers and agents than the value-added services that are being offered.
“I do think that moving forward we will see more and more involvement from brokers and carriers bringing partners to the table to help clients manage their cyber risk more effectively - especially in the middle market and upper-middle market, where clients perhaps don’t have full-size teams of IT security experts on board.”
Some insurance carriers have actually started to scan companies almost continuously, and, where they’re seeing exploits or vulnerabilities, they’re reaching out to insureds and asking them to fix them as soon as possible. Keegan commented: “That’s relatively new, and I think it’s going to be of great value to the marketplace. We do not just provide clients with a financial risk transfer mechanism; we can actually bolster their cyber defenses.”