At a time of heightened exposure to cyber-attacks, UK businesses are facing soaring premiums for their cyber insurance, contributing to cutbacks in other areas of the business. Some in the insurance sector believe that affordable cyber cover is going to be almost impossible to write in the future, as Zurich CEO Mario Greco told the FT last week.
Certainly, the pressure is on for companies active in online retail, banking, healthcare and energy infrastructure, where ransomware attacks are damaging in several ways. They cause problems with regulators, consumers demand compensation and reputations can be left in tatters after sensitive information is leaked online.
According to an independent survey by independent insurance buyer and claim expert, Mactavish, over half of large businesses (56%) who have prioritised cyber protection, said the rising policy costs have contributed to cutbacks to other parts of the business. Answers included reducing office costs and staff bonuses to cutting other types of insurance, indicating a wider impact on the risk profile of UK businesses.
While only 77% of companies surveyed believe they are covered against the risk of cyber-attacks, the situation is a concerted improvement from 2018 when only 30% of large businesses had cyber-specific insurance cover in place. Mactavish surveyed companies with over a 10m turnover, across industries including technology, manufacturing, aviation and maritime sectors, construction and Energy companies.
Although it’s clear that businesses are taking proactive measures to support against the risk of cyber-attacks, the insurance market conditions harder in 2022 than they were in 2018, meaning that the landscape isn’t set for easy adoption of cover. According to Marsh’s Q3 Pricing index, cyber insurance pricing increased 66% in the third quarter, following a peak increase of 102% year-over-year in the first quarter of 2022, rising faster in the UK than any other regional market.
The findings of the report are particularly troubling at a time of rising premiums for cyber insurance and falling confidence that insurers would pay out in the event of an attack, with a quarter (25%) of all businesses surveyed stating they didn’t think their insurer would pay out on a cyber claim. The survey found that the main blockers for adoption are the cost of insurance (56%), inadequacy of cover (30%) and distrust into claim pay-outs (25%), which could account for the 23% of companies who are still without cyber cover in 2022.
Looking at the previous twelve months, 79% of respondents revealed that they have experienced a cyber-attack, with 50% of those attacks resulting in a loss of data or revenue. When compared to Mactavish’s 2018 report on the same subject, businesses are 84% more likely to suffer a cyber-attack than they were four years ago.
Bruce Hepburn, CEO of Mactavish states: “It would be ignorant to disregard the turbulent landscape the business world is confronted with in the face of the longest hard market on record with insurers pumping up premiums and creating long lasting hard conditions for policyholders. However, corporates must ensure they are protected against potential risks. The reality is that cyber-attacks are on the rise – 79% of respondents have been victim to one in the past 12 months – and they can truly devastate a company who do not have adequate, reliable protection.
The impact of global crises, the war in Ukraine and the sustained impact of the pandemic mean that company risk profiles have changed and it’s important that businesses adjust their insurance policies to reflect this, or they’ll fall foul to a lack of protection at a time of increased vulnerability.”
The survey also reveals the war in Ukraine has led to a surge in UK businesses fearing major disruption as a result of a cyber-attack. The research found that 70% of UK businesses described the potential for a cyber-attack in the next 12 months as ‘considerable’ or ‘highly significant’, while nearly all (98%) of respondents admitted to feeling vulnerable to a cyber-attack as a direct impact of the war.
IT systems interruptions, data breaches and ransomware or cyber extortion were ranked respectively as the most pressing concerns.
Be the first to comment