Over the last two years, insurers have substantially increased cyber premiums leaving firms – which are considered “high-risk” – running for cover. The possibility of large losses has also compelled some brokerages to stop dealing with such firms.
Apart from these hikes, some US insurers have, in some cases, raised deductibles or limited coverage to $100 million, which has left many large companies exposed since hacks could lead to losses more than twice that amount.
The cost of getting cyber insurance – which covers the cost of credit monitoring, forensic investigations, settlements and legal fees – varies depending on the strength of a company’s security. However, the overall trend is pointing upwards.
Tom Reagan, an executive at
Marsh & McLennan Co.’s
Marsh broker unit, said: "Some companies are struggling to find the money to buy the coverage they want.”
Companies which are hit hard by increasing premiums include health insurers and retailers after high-profile organizations like Premera Blue Cross, Anthem, Home Depot and Target were breached.
According to Bob Wise of
Beazley Plc.’s cyber insurance division, hacked health insurers have had to face the most extreme increases and at renewal time, some premiums have even tripled.
After staying relatively unchanged in 2014, rates for retailers have increased 32 percent in the first half of 2015, according to data from Marsh.
But, even the large insurance companies have started to avoid writing policies for more than $100 million for customers who are deemed “risky,” and smaller firms have stopped selling cyber insurance to this group altogether.
The cap in coverage leaves companies like Target, which lost $264 million as a result of a data breach in 2013, paying out of their own pockets.
Anthem, the second-largest health insurer in the US, faced plenty of difficulties when trying to renew its coverage after a cyber-attack earlier this year compromised close to 79 million customer records.
Speaking at a hearing of the National Association of Insurance Commissioners in August, Thomas Zielinski, General Counsel for Anthem, also called renewal rates “prohibitively expensive.” In order to get $100 million in coverage, the company had to agree to pay the first $25 million of the cost for any future attacks, he said. Even though Anthem has not mentioned what the figure was earlier, it was probably much lower.
