Cyber Liability Insurance Evolves as Risks Escalate

With cybercrime constantly on the rise, cyber liability insurance carriers face severe concerns about handling the onslaught. For example, ransomware attacks in the U.S. cost an estimated $623.7 million last year (Emisoft).

Moreover, last year’s costs to remediate those attacks rose to $1.5 million, double the previous year’s cost. Plus, 20 percent of small businesses fell victim to a ransomware attack.

In one year (March 2021 to February 2022), 153 million new malware samples hit the cyber landscape. So it’s little surprise that cyber-attacks compromised more than 86% of organizations in 2021.

And this kind of data, and the associated fallout, hasn’t gone unnoticed by cyber liability insurance carriers.

Cyber Liability Premiums Double

Not surprisingly, insurers have met the challenge with increased premiums. Many insurers doubled annual premiums to corporate clients, even without filing a claim. In addition, those increased premiums typically come with less coverage attached.

For instance, a small business might have paid $10,000 annually for $5 million of cyber liability coverage last year. Today, that same business likely pays nearly $20,000 for just $1 million of coverage.

Industry-wide, more than 80% of carriers reported increases in cyber claims in Q4 2021, with many of those claims ransomware-based. According to the Council of Insurance Agents and Brokers, that led to a premium increase of 34%. In addition, those increases reflected the 17^th straight quarter in which premiums rose.

The net impact is that loss ratios for cyber liability insurers jumped to nearly 70% over the last two years. That ratio offers little opportunity for profit, causing some insurers to pull out of the market altogether.

Indeed, concerns have increased so dramatically that many insurance providers fear “catastrophic risk.” In that event, a single incident affects systems globally because so many entities are attached to a handful of large providers.

For example, the NotPetya virus impacted the Microsoft Windows system, leading to $10 billion in global damage. In addition, last year’s supply chain attacks increased systemic risks. However, both pale compared to the potential and impact of a catastrophic risk event.

Carriers Take Additional Steps to Improve Loss Ratios

With such concerns on the rise, underwriters have apprehensions about policyholder exposure to networks and systems they can’t underwrite. So, they’re now inspecting vendor management, single-source suppliers, business continuity and disaster recovery, and cloud-based infrastructures.

It’s also led to carriers shuttering grants for business interruption coverage. At the very least, those coverages now see significant limitations. In addition, expanded business interruption coverage that handles IT vendors has also seen coverage retractions.

Other measures taken by cyber liability insurance providers include:

• Premium Increases: We’ve already mentioned the increases, but it bears repeating. Premium increases range from 30% to 150% and higher. But, again, industry, loss history, and security controls impact their magnitude.
• Retentions and Deductibles: Ten-fold increases are not unheard of, especially for middle-market and risk management organizations in specific industries. Small and medium-sized businesses have been spared the increases to an extent.
• Exclusions: Carriers have begun introducing event- and exploit-specific exclusions to their policies.
• MFA: Underwriters require that insureds have multi-factor authentication for coverage.
• Scans: Many providers now want network scans to ensure insureds have proper configurations for Remote Desktop Protocols (RDP) and secure email gateways.
• Capacity Constriction: Carriers now limit their exposure to large-scale events. For example, try finding a policy with $10 million coverage limits. Policy limits have typically been cut in half.

Some Industries Face the Risk of No Cyber Liability Coverage

It doesn’t end, however, with the restrictions just mentioned. Specific industries also face coverage changes. For example, companies with annual operating budgets of $100 million or more face significantly higher premiums but with half the previous limits. In addition, they’ll see higher retentions and more restrictive coverage grants.

Other industries may find obtaining coverage impossible. For instance, industries like manufacturing, construction, and wholesale distribution may not be able to acquire coverage regardless of premium, as they’ve encountered the most damage from ransomware losses and its associated business interruption costs.

Low-performing industry classes like municipalities, technology, utilities, education, manufacturing, and construction face non-renewals or no coverage options.

Underwriters Pay Attention to These Risk Factors

Apart from multi-factor authentication, underwriters focus on these concerns when pricing cyber liability insurance policies:

1. Closed RDP Ports:  RDP ports present significant vulnerabilities. Indeed, 50% or more of ransomware attacks stem from open RDP ports, according to CFC Underwriting. Therefore, unused ports must be closed. Those in use require a VPN and MFA.
2. Data Management: Underwriters look for segmentation, where data gets stored separately across multiple servers. As a result, if data becomes compromised, it’s limited to the data stored on a single server and not the entire system. That reduces your chances of a catastrophic loss. If you’re using a cloud services provider, it’s wise to ensure they have access controls in place.
3. Endpoint Detection & Response: With security concerns attached to remote workers, underwriters look for organizations that use EDR tools. These tools continuously monitor any device connected to your network to ensure they remain secure.
4. Data Backup: Data storage should be outside your primary network, preferably offline and off-site.
5. Risk Management: Underwriters want to know that you’ve prioritized risk management. What policies and procedures do you have in place? Who is in charge of your policies? Do you have a culture focused on security?

Ultimately, cyber liability insurance carriers now elect to scrutinize businesses more intensely to determine operational security.

Limiting Your Cyber Risk Exposure

Apart from how underwriters approach determining premiums and cyber liability insurance policies, you can take some critical steps to substantially reduce your exposure to cybercriminals. In particular, these steps will serve you well in the battle against cyber-attacks:

• MFA: Multi-factor authentication delivers a foundational component to any cybersecurity plan. You’ll see it mentioned time and time again. Why? It works.
• EDR: Another stalwart in the battle against cybercrime, EDR helps deflect attacks. Equally important, it enables faster and more efficient responses.
• Backups: Even if you can’t stop a cyber-attack, you can mitigate your response. Having proper backup helps you recover data in the event of a compromise, but it also helps avoid paying ransom demands.
• Privileged Access Management: The less access to sensitive data, the greater your protection. Least privilege access allows workers to access only what’s required to do their job – no more.
• Email Filtering: Email filtering identifies and blocks malicious emails and attachments. You should also use web filtering to block malicious websites. Both measures block the spread of malware.

Ultimately, the more layers of security you deploy, the better. In addition to the ones just mentioned, you can include cyber awareness training, incident response plans, vulnerability management, etc. Above all else, keep this in mind – the best security plan starts with a company culture focused on security.

IT Solutions for Small Business

Cybersecurity requires your utmost attention regardless of your organization’s size. But small businesses often face more substantial risks due to a lack of expertise or resources.

It pays to work with a managed IT provider that helps deliver various IT services while controlling your budget.

We work with SMBs throughout Pennsylvania as an IT company, focusing on Harrisburg, Lancaster, York, Carlisle, and surrounding areas. We can shore up your IT operations, especially security concerns, to reduce your cyber liability insurance premiums and ensure you get the coverage you need.