The recent rise in ransomware attacks appears to be a mixed blessing for the insurance industry.
Consider the assertion that the number of ransomware events quadrupled between 2015 and 2016, according to a January study from Beazley, paired with Aon Benfield’s findings released earlier this month that the average cyber insurance loss ratio for insurers in 2016 was 57.7 percent, more than 16 percent higher than the previous year.
"For insurers providing cyber insurance, these results illustrate the potential for both extremely good and extremely bad underwriting outcomes, and underscore the importance of managing limits," according to the authors of the Aon report, Jon Laux, head of cyber analytics, and Craig Kerman, the company’s Global Cyber Practice Group director.
Plan for more — much more — of the same
Released just days before WannaCry ransomware virus infected roughly 300,000 computers in more than 150 countries, according to various news reports, Aon Benfield’s Cyber Update: 2016 Cyber Insurance Profits and Performance analizes data from the 138 insurers in the United States that underwrote cyber insurance in 2016, as collated by the National Association of Insurance Commissioners (NAIC).
The WannaCry incident looms large as a sign of where cybersecurity is headed.
"One of the challenges of cyber is that it is a very complex environment," Aon Risk Solutions Senior Vice President Jim Trainor said on the company’s business news website, The One Brief. “Bad actors use and exploit infrastructure both in and out of the United States. A lot of groups who conduct such criminal activity don’t reside in the U.S. This makes it increasingly challenging for both government and companies to protect themselves because those attacking them don’t actually reside in the locations in which they operate.”
The goal of Aon’s report is provide key information for insurers by surveying business performance and "illuminating both the profitability and volatility of cyber underwriting results."
Among the key takeaways from the report: The increasing severity of cybersecurity breaches is driving cyber insurance loss ratios.
"These results again emphasize the importance for insurers to manage their limits carefully as they grow in the cyber line," Aon researchers write in the report. "Larger portfolios are, on the whole, less swayed by large severity events, but offering larger limits is often a necessary step for growth."
On the upside for insurers, Aon determined that cyber insurance premiums grew roughly 30 percent between 2015 and 2016, to $1.34 billion.
Aon Benfield has determined that cyber insurance premiums grew roughly 30 percent between 2015 and 2016, to $1.34 billion. (Photo: iStock)
WannaCry: The real takeaway
By several accounts, the WannaCry cyber attack had more bark than bite. One statement from the international cyber security company CYBERSCOUT (formerly IDT911) said that as it tracked the malware event, which unfolded between May 12 and May 17, 2017, analysts began to see how the impact would be less severe than they originally anticipated. According to a statement from the company: "Our response team quickly realized that a couple factors would minimize the damage."
Why? According to CYBERSCOUT:
- The hardest hit regions were using pirated or out of date Microsoft software. Most organizations in North America have kept up to date and were protected by the latest software patches.
- Most cyber underwriting won’t cover attacks to systems running unsupported, out of date, or not upgraded software, so the exposure was minimal in this case.
In the wake of this particular cyber attack, The Council of Insurance Agents & Brokers’ Cyber Insurance Market Watch Survey arrived with the finding that cyber insurance clients are becoming more savvy about exactly the kind of protection they need. These survey results determined that cyber insurance carriers can anticipate “a steady increase” in policy purchases.
The survey found that:
- 32 percent of respondents’ clients purchased at least some form of cyber coverage.
- 27 percent of respondents’ clients purchased cyber insurance for the first time in the past 6 months.
- 44 percent of respondents’ clients increased their coverage in the past 6 months.
- 76 percent of those with cyber insurance have standalone policies.
"As brokers become more experienced with cyber exposures, they are growing their knowledge of this new breed of risk," Ken A. Crerar, president and chief executive officer of The Council, said in a prepared statement. "This is a good sign, as brokers play an increasingly crucial role in both cyber risk mitigation and post-event response. The globally-launched WannaCry/WannaCrypt ransomware file encryption exploit is a prime example. Brokers are actively advising clients on the preventative steps to take now to increase the chance of escaping the virus, which has infected hundreds of thousands of systems."