Cyber models falling behind risk curve, but carriers remain committed
Cyber insurance models may be ever less capable of handling rising security risks, enough to trigger widespread calls for change, but insufficient to chase many players from the field, a survey of US and UK insurers by security firm Panaseer has indicated.
Less than half of surveyed insurers claimed to be "very confident" in their cyber underwriting processes and 44% are only "somewhat confident," the survey showed. Some 9.5% are either "not that confident t" or "not at all confident," a figure that rises to 15% among UK respondents.
A full 74% of respondents across the two countries admit that their own "inability to accurately understand a customer’s security posture” is impacting price increases.
For a minority of respondence, the lack of confidence in risk modelling could eventual merit a backdown from the business line. Some 11% of UK respondents said they wouldn’t continue to offer cyber insurance in three years if their method of assessing risk did make a leap forward.
But a full 84% of survey respondents say they will hold the course, despite the palpable run-up in claims and the volatility in pricing and conditions that the rough and tumble market forces on players.
That market won't calm soon: 82% of insurers across the UK and US are expecting the rise in premiums to continue. Beyond their own doubts on underwriting, 78% of insurers blame the increasing cost of ransomware as a leading factor. The "increasing sophistication of cyber threat actors" is also at play, cited by 73% of participants, as are increased threats to software supply chains, named by 79%.
“The old way of doing cyber insurance is coming under pressure,” Panaseer security and risk expert Andreas Wuchner (pictured) said. “The industry needs a more mature approach to oversight, otherwise premiums will just continue to increase.”
Many of the insurer demands for change are focused on metrics. Some 87% or respondents seek a consistent industry-wide approach to analysing a customer's cyber risk using accurate security metrics and measures. This rises to 95% among US respondents. Similarly, 89% of insurers believe it would be valuable to have direct access to customer metrics and measures proving the status of their security controls.
Did you get value from this story? Sign up to our free daily newsletters and get stories like this sent straight to your inbox.
Already registered?
Login to your account
If you don't have a login or your access has expired, you will need to purchase a subscription to gain access to this article, including all our online content.
For more information on individual annual subscriptions for full paid access and corporate subscription options please contact us.
To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.
For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk
Editor's picks
Editor's picks
More articles
Copyright © intelligentinsurer.com 2024 | Headless Content Management with Blaze