Despite recent declines, prices for cyber insurance remain sufficient to cover the risks insurers are assuming as the world faces a resurgence in ransomware attacks.
Cyber insurance rates in the first quarter fell 12% on average for UK clients of insurance broker Marsh LLC that have annual revenues of more than £200 million. That marked the fourth consecutive quarter of rate declines, according to the broker's report on first-quarter cyber insurance trends. The drop is being driven by a combination of rising competition from new entrants and improved cybersecurity at the companies insurers cover.
There has been some concern that the price reductions are unjustified, given the heightened risk environment, but insurers remain confident premiums can still cover claims.
"We have seen rates decreasing, but they're definitely not at the same level as they were before 2020 and the rate decreases [are] also very much on the good risks and where there's a lot of competition," Vanessa Leemans, head of cyber for UK & Lloyd's at AXA XL, said in an interview during UK risk manager association Airmic's annual conference.
Risk and reward
Following a spike in ransomware attacks that began in 2020, insurers sharply increased prices and demanded customers bolster their cyber defenses as a condition of coverage. Some insurers now think that those cyber resilience efforts should be rewarded.
"It's right that where our clients are investing heavily in their IT security, the pricing reflects that increased investment they've made," said David Warr, cyber portfolio manager at QBE European Operations PLC.
Thanks to that push for resiliency, a recent rise in ransomware claims, following a lull in 2022, is not necessarily translating into more insurance claims. There has been a "significant surge" in the number of cyberattacks against a backdrop of global geopolitical instability, with one in five UK companies suffering attacks in the past year, said Emma Drouineau, sales manager at cyberrisk analytics firm CyberCube Analytics Inc. Claims from UK companies actually appeared to decrease, showing that UK firms "are starting to be increasingly vigilant when it comes to their cybersecurity measures," she said in an interview at the Airmic conference.
Leemans said AXA XL has not experienced a rise in cyber losses despite the uptick in attacks, indicating that clients have been successfully fending them off.
Insurers are also now more familiar with the cyberrisks they are taking on. They have done "a huge amount of work" to get a better handle on their exposures, and particularly how exposures could aggregate into a larger risk, according to Kelly Butler, Marsh's UK cyber leader.
"We've seen that the insurers are in a much better position to really understand their portfolio aggregation risk," she said.
Having asked clients for more in-depth risk information in response to the 2020–2021 ransomware wave, insurers have grown more confident.
"We've got more confidence in the data that we've got, as we've been able to gather more data around claims causation [and] which risk controls we should focus on with clients," Warr said.
Staying vigilant
Insurers still need to keep a close eye on claims and pricing in what is a rapidly changing risk environment.
"It's really something we've got to be vigilant on and make sure that we're continuing to provide a stable and sustainable product not just for this year but actually for the next five to 10 years," Warr said.
There is no shortage of triggers for cyberattacks and thus potential insurance claims. In addition to the continuing wars in Russia and Gaza, 2024 is a big election year, with more than half the world's population heading to the polls. CyberCube is expecting an increase in state-sponsored attacks on critical infrastructure, Drouineau said.
"The main concern is the potential for systemic attacks, targeting directly the public sector, government agencies, local governments and, more specifically, critical infrastructures globally," she said.
The cyberattack on Change Healthcare Inc., widely used in the US healthcare industry for functions such as billing, showed the potential for exposure to emanate from an insured company's suppliers. In general, cyberrisk from clients' supply chains is a trend, Butler said.
"We're certainly seeing a lot more [claims] notifications come into the market," she said. "Whether they develop into claims, time will tell."
In addition, the tools used by cybercriminals are evolving, not least because of the advent of generative artificial intelligence. Perpetrators of cyberattacks are "as intrigued around AI and its opportunities for them as we are from a business point of view," Butler said.