Filed Under:Risk Management, Cybersecurity

7 challenges insurers face in the cyber insurance market

Why isn’t the sale of cyber insurance gaining momentum more quickly given the rising profile of the risk?

Cyber insurance remains a work in progress. Insurers need to overcome several obstacles to fully realize the upside potential of this problematic, yet promising market. (Photo: Shutterstock)
Cyber insurance remains a work in progress. Insurers need to overcome several obstacles to fully realize the upside potential of this problematic, yet promising market. (Photo: Shutterstock)

Conditions seem ripe for cyber insurance sales to take off given recent high-profile breaches and as more individuals fall victim to identity theft.

In fact, a recent international survey found the threat of cyberattacks is the biggest fear for businesses. Also, identity theft has become easier and more profitable for fraudsters. According to the Javelin 2016 Identity Fraud Study, fraudsters stole the identities of 13.1 million victims in 2015 and used them to spend $15 billion in fraudulent expenditures.

So, why have insurers generally remained cautious about writing cyber coverage, and why are potential buyer still hesitant to add the coverage to their insurance portfolios?

Obstacles and potential solutions

Cyber insurance remains a work in progress when it comes to assessing the risks carriers face and providing a clear and comprehensive set of products and services to attract more buyers, according to the new Deloitte report, "Demystifying cyber insurance coverage: Clearing obstacles in a problematic but promising growth market."

The Deloitte Center for Financial Services reviewed secondary research and spoke with a variety of insurance industry players to find out what steps the industry can take to help prospective buyers to understand their cyber risks and the role insurance could play in protecting consumers.  

Related: Cyber (in)security: Can insurance solutions keep pace with threats?

Deloitte's research revealed a number of challenges carriers face when undertaking the sale of cyber insurance. Here are seven obstacles and potential solutions that could lead to significant growth in the cyber insurance marketplace:

cyber insurance on screen with man and book

The insurance industry faces a reporting bias that is hard to translate into policies. (Photo: Shutterstock)

1. Lack of sufficient cyber data to enable accurate underwriting.

Most companies aren’t required by law to disclose breaches outside of those related to consumer data, so many hacks go unreported. As a result the insurance industry faces a rampant reporting bias that is hard to translate into policies.

Solution: To overcome this, insurers can implement risk-informed models as opposed to definitive predictive models and break down data silos across the industry to better pool underwriting resources.

Related: 5 essentials of a cyber liability insurance policy

man with umbrella fighting cyber risks

Insurers are wary of being overwhelmed by a large-scale cyber loss event. (Photo: Shutterstock)

2. Catastrophic accumulation of cyber exposures.

Some insurers may fear being overwhelmed by a sudden aggregation of losses, in which a third-party service that works with a wide swath of businesses gets hacked and leads to service failures for all of its users. This sort of systemic event could spell chaos for the insurance industry.

Solution: Insurers should consider implementing more rigorous underwriting policies to start minimizing aggregation risk.

Related: Do recent events foreshadow a large-scale cyber aggregated loss?

cyber insurance crystal ball

Cyber exposures continuously shift and grow. (Photo: Shutterstock)

3. Continuous evolution of risks that undermine exposures' predictability.

As underlying exposures continuously shift, insurers adapt to one type of attack only to face a new threat technique. This makes risk management an ongoing predicament. Operationally, innovations in business — like IoT and autonomous vehicles — also pose new cyber-attack possibilities that need to be assessed and insured.

Solution: The key to getting past this could lie in becoming a client’s full-service cyber risk manager as well as their chief risk-transfer vehicle. 

Related: Top cyber threats can shift by industry, but risk is universal

cyber insurance graphs

Many insurers have tunnel vision when it comes to writing cyber policies. (Photo: Shutterstock)

4. A narrow view of what constitutes cyber risk that limits the appeal of cyber insurance products.

Many insurers have tunnel vision when it comes to writing cyber policies, focusing primarily on marketing cyber products for personally identifiable data hacks and ignoring the many other cyber risks that company's face. This coverage is rapidly becoming commoditized and price-sensitive, limiting long-term insurer growth and profit potential.

Solution: To counteract this, insurers can differentiate products while raising risk awareness among buyers.

Related: Navigating the cyber insurance maze: Inside the obligations and caveats

risk mitigation

Cyber coverage is currently often written via customized policies, resulting in a lack of standarized policy terminology. (Photo: iStock)

5. Lack of standardization in defining and underwriting cyber risks.

Cyber coverage is often written via customized policies, resulting in different terminology from carrier to carrier. Concern over potential coverage gaps seems to be a major reason why many businesses that want and need cyber insurance are passing for now.

Solution: Insurers can overcome this by working together to create a standardized policy language.

Related: How carriers can unlock the multi-billion dollar cyber marketplace

Risk word on a tablet

Many consuners aren't even aware of the cyber risks they face. (Photo: Shutterstock)

6. Buyers often don't understand cyber risks or their insurance options.

Many consumers — and not just unsophisticated buyers running small businesses — often aren’t even aware of the cyber risks confronting them, let alone the insurance coverage options available.

Solution: The insurance industry should be more proactive in creating better-educated consumers and thereby encourage more businesses to implement risk-management programs and buy coverage. One way to accomplish this is by enhancing direct outreach efforts via marketing and advertising.

Cyber insurers can help support agents and brokers by providing risk awareness and loss control materials. These may include tip sheets, websites and podcasts, as well as referrals to cybersecurity specialists.

Related: More cyber liability education needed industrywide

Legal cyber folders

 Cyber coverage disputes haven't yet make their way through the court system. (Photo: Shutterstock)

7. The legal and regulatory landscapes remain in flux.

Cyber coverage case law isn't yet clear. Because cyber coverage disputes haven't made their way through the court system, buyers fear having to litigate a disputed claim due to differences over which policy applies or whether policy language indicates coverage. 

In addition, state regulations are often redundant or conflicting, resulting in potential exposures and coverage gaps. 

Solution: ISO noted that standardization in terminology could help avoid the potential for coverage disputes along with the lengthy and costly litigation that might result. In the long run, standardization should lower the chances for potential coverage disputes that raise claims management costs for insurers, undermine consumer confidence in the certainty of their coverage and hinder efforts to increase sales.

Related: 11 things to consider when crafting a cyber insurance policy

Featured Video

Most Recent Videos

Video Library ››

Top Story

Mitigating against the No. 1 natural disaster in the U.S.

Be proactive in mitigating losses from winter flooding by understanding the risk and types of coverage to protect against it.

Top Story

Cyber insurance soaring as risks rise

Insurance and financial services buy the most cyber insurance — but as the cost goes up, will that dampen desires to ease risk?

More Resources


eNewsletter Sign Up

PropertyCasualty360 Daily eNews

Get P&C insurance news to stay ahead of the competition in one concise format - FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.