Filed Under:Risk Management, Cybersecurity

Ransomware’s good, bad and ugly impact on insurers

As cyber security breaches grow, so too do insurance industry loss ratios

By several accounts, the WannaCry ransomware attack had more bark than bite. But it still served as a stark warning of the potential global destruction that malware can unleash. (Photo: iStock)
By several accounts, the WannaCry ransomware attack had more bark than bite. But it still served as a stark warning of the potential global destruction that malware can unleash. (Photo: iStock)

The recent rise in ransomware attacks appears to be a mixed blessing for the insurance industry.

Consider the assertion that the number of ransomware events quadrupled between 2015 and 2016, according to a January study from Beazley, paired with Aon Benfield’s findings released earlier this month that the average cyber insurance loss ratio for insurers in 2016 was 57.7 percent, more than 16 percent higher than the previous year.

Related: Ransomware attacks leave businesses and insurers exposed

"For insurers providing cyber insurance, these results illustrate the potential for both extremely good and extremely bad underwriting outcomes, and underscore the importance of managing limits," according to the authors of the Aon report, Jon Laux, head of cyber analytics, and Craig Kerman, the company’s Global Cyber Practice Group director.

Plan for more — much more — of the same

Released just days before WannaCry ransomware virus infected roughly 300,000 computers in more than 150 countries, according to various news reports, Aon Benfield’s Cyber Update: 2016 Cyber Insurance Profits and Performance analizes data from the 138 insurers in the United States that underwrote cyber insurance in 2016, as collated by the National Association of Insurance Commissioners (NAIC).

The WannaCry incident looms large as a sign of where cybersecurity is headed.

"One of the challenges of cyber is that it is a very complex environment," Aon Risk Solutions Senior Vice President Jim Trainor said on the company’s business news website, The One Brief. “Bad actors use and exploit infrastructure both in and out of the United States. A lot of groups who conduct such criminal activity don’t reside in the U.S. This makes it increasingly challenging for both government and companies to protect themselves because those attacking them don’t actually reside in the locations in which they operate.”

Related: Insurance experts: WannaCry calls for tougher cyber security

The goal of Aon’s report is provide key information for insurers by surveying business performance and "illuminating both the profitability and volatility of cyber underwriting results."

Among the key takeaways from the report: The increasing severity of cybersecurity breaches is driving cyber insurance loss ratios.

"These results again emphasize the importance for insurers to manage their limits carefully as they grow in the cyber line," Aon researchers write in the report. "Larger portfolios are, on the whole, less swayed by large severity events, but offering larger limits is often a necessary step for growth."

On the upside for insurers, Aon determined that cyber insurance premiums grew roughly 30 percent between 2015 and 2016, to $1.34 billion.

Continue on...

Aon Benfield has determined that cyber insurance premiums grew roughly 30% between 2015 and 2016, to $1.34 billion. (Photo: iStock)

Aon Benfield has determined that cyber insurance premiums grew roughly 30 percent between 2015 and 2016, to $1.34 billion. (Photo: iStock)

WannaCry: The real takeaway

By several accounts, the WannaCry cyber attack had more bark than bite. One statement from the international cyber security company CYBERSCOUT (formerly IDT911) said that as it tracked the malware event, which unfolded between May 12 and May 17, 2017, analysts began to see how the impact would be less severe than they originally anticipated. According to a statement from the company: "Our response team quickly realized that a couple factors would minimize the damage."

Why? According to CYBERSCOUT:

  1. The hardest hit regions were using pirated or out of date Microsoft software. Most organizations in North America have kept up to date and were protected by the latest software patches.
  2. Most cyber underwriting won’t cover attacks to systems running unsupported, out of date, or not upgraded software, so the exposure was minimal in this case.

In the wake of this particular cyber attack, The Council of Insurance Agents & Brokers’ Cyber Insurance Market Watch Survey arrived with the finding that cyber insurance clients are becoming more savvy about exactly the kind of protection they need. These survey results determined that cyber insurance carriers can anticipate “a steady increase” in policy purchases.

The survey found that:

        • 32 percent of respondents’ clients purchased at least some form of cyber coverage.
        • 27 percent of respondents’ clients purchased cyber insurance for the first time in the past 6 months.
        • 44 percent of respondents’ clients increased their coverage in the past 6 months.
        • 76 percent of those with cyber insurance have standalone policies.

"As brokers become more experienced with cyber exposures, they are growing their knowledge of this new breed of risk," Ken A. Crerar, president and chief executive officer of The Council, said in a prepared statement. "This is a good sign, as brokers play an increasingly crucial role in both cyber risk mitigation and post-event response. The globally-launched WannaCry/WannaCrypt ransomware file encryption exploit is a prime example. Brokers are actively advising clients on the preventative steps to take now to increase the chance of escaping the virus, which has infected hundreds of thousands of systems."

See also:

7 challenges insurers face in the cyber insurance market

How risk modeling propels the cyber insurance market forward

6 tips for selling cyber insurance


WannaCry means gotta act: Lessons in ransomware’s wake

Ransomware and other evolving threats will increase in frequency and sophistication. Firms need a comprehensive cyber risk management strategy.

Featured Video

Most Recent Videos

Video Library ››

Top Story

5 things to know about the NAIC's new cybersecurity model law

The NAIC's newly-adopted Insurance Data Security Model Law provides guidance for carriers, agents, brokers and their business partners.

Top Story

5 insurance advisor marketing mistakes to avoid

The right marketing tactics can help insurance agents and brokers reach their goals.

More Resources


eNewsletter Sign Up

PropertyCasualty360 Daily eNews

Get P&C insurance news to stay ahead of the competition in one concise format - FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.