As more and more high-profile cyber attacks are identified, businesses are increasing their investment in cyber insurance to help mitigate their risk exposure in the event their data is hacked. According to U.S.-based insurance broker Marsh in its latest report, Benchmarking Trends: Cyber Attacks Drive Insurance Purchases for New and Existing Buyers, client spending on standalone cyber insurance increased 32 percent for the first half of 2015. Pricing for cyber insurance also increased — especially for industries that have experienced significant cyber losses.
Across specific business lines, spending grew significantly. Power and utility companies increased their growth rate 100 percent, nearly doubling their take-up rates for the same period in 2014. Universities and other education-based institutions saw a growth rate of 155 percent — a 90 percent change in their cyber insurance take-up rates over the previous year. Marsh notes that "school settings are ripe for cyber attacks due to the hefty amount of student and staff personnel information that is stored in a variety of places."
Following the Anthem hack earlier this year, spending by healthcare organizations increased to 41 percent in 2015, up from 37 percent in 2014. Based on the type of information health care providers hold, they are prime targets for cyber criminals who understand the opportunities shared data exposures present. There are also threats that exist because of individuals filing false healthcare claims with stolen data.
The hospitality and gaming industries, as well as the financial sectors experienced a 5-8 percent increase in cyber purchases for the first half of 2015 too. While financial institutions are already targets of cyber attacks, a new warning from Standard & Poor's stated that banks could run the risk of having credit ratings downgraded if an organization is unprepared for a cyber incident.
In the communications, media and technology (CMT) sector, companies with revenues over $1 billion purchased 50 percent more cyber coverage for the first six months of 2015 ($55.8 million) than during the same period in 2014 ($38 million). More sophisticated attacks have prompted companies in the CMT sector to escalate cyber spending, with companies purchasing an average of $18.1 million in cyber limits.
The retail sector, which has already seen a number of high-profile cyber attacks at Home Depot, Target, Michaels, and Lord & Taylor, experienced a 32 percent rise in the cost of cyber insurance. The average price increase was 19 percent for other business sectors. Healthcare firms experienced rate increases similar to the retail sector because of changes in the program structure, especially in the area of managed care.
The high-profile cyber breaches have gotten the attention of businesses, which are now being far more proactive in their risk management strategies. Corporate leaders recognize that it is no longer just an IT problem and that the most effective programs are implemented enterprise-wide.
According to Marsh, it is vital for organizations to assess their vulnerabilities, determine how they would respond in an actual cyber breach, and be proactive in preparing for this eventuality. Network security firm, FireEye, says attackers are quick to adapt as businesses change their cyber strategies. Companies are learning sooner if there has been a breach, but FireEye says hackers continue to utilize new techniques for each phase of an attack.
While overall capacity in the market is abundant at $500 million per risk, on average, large companies purchased only $30.4 million in coverage limits during the first half of 2015.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.