CyberCrimeSecuritySecurity Management

Hacking Insurance ‘Surges’ Amid Cyber Crime Fears

Tom Jowitt is a leading British tech freelance and long standing contributor to TechWeek Europe

Company fears over cybercrime stokes rise in cyber insurance policies, as European hack reporting rules loom

Fears about hacking and data breaches are contributing to the growing market for cyber insurance policies.

Indeed, such is the concern about online crime among organisations that the insurance market for cyber protection could triple to $10bn (£7.7bn) by 2020, according to figures from reinsurer Munich Re.

And a big driver on this side of the pond for cyber protection insurance policies is the new EU legislation called the Network and Information Security Directive, set to be introduced in 2018.

HSBC, security

Cyber Insurance

These new European Union laws will require companies to report cyber breaches to regulators and affected individuals.

This is because the new law requires “operators of essential services in the energy, transport, banking and healthcare sectors, and providers of key digital services like search engines and cloud computing, to take appropriate security measures and report incidents to the national authorities.”

This means that firms such as Google, Amazon and Microsoft have been classified as an essential service provider, alongside the likes of energy, banking, healthcare and transport companies, and will be required to report any attacks or breaches.

And it is laws like this that is helping reinforce the need for protection against cyber threats, which has mean that firms such as Allianz SE and Beazley Plc are now offering cyber protection policies.

Indeed, according to Bloomberg, insurers see coverage against hackers as one of their most promising markets, and they estimate that premiums will triple over the next four years.

“We are optimistic that it can develop into Allianz’s and the industry’s next blockbuster,” Hartmut Mai, chief underwriting officer for corporate lines at Allianz’s industrial insurance arm, told Bloomberg. “Cyber insurance is our key growth area at the moment.”

It seems that the need for cyber insurance policies are good news for the insurance industry, which is reportedly struggling to grow its established markets amid slow economic growth. Indeed, according to Bloomberg, insurance premium income stagnated in Europe last year and is expected to grow 1.3 percent next year, according to reinsurer Munich Re.

The company estimates that cyber insurance premiums could rise to between $8.5bn (£6.6bn) and $10bn (£7.7bn) by 2020 from about $3.4bn (£2.6bn) currently.

Allianz’s Mai reportedly said that his firm “currently writes a double-digit million-euro amount of cyber insurance premiums and recorded 28 percent growth last year.” He also predicted that cyber insurance policies could evolve into an industry bestseller.

“Cyber risk has become a boardroom issue over the past years, following some high profile hacker attacks,” Paul Bantick, head of cyber insurance at Beazley, was reported as saying. “We haven’t seen the big breaches at the retailers such as in 2015 or the large health-care breaches that occurred in 2016. Yet, there’s still a high frequency of smaller losses.”

Ransomware Threat

And it is not just cyber attacks and data breaches that firms have to contend with. Ransomware is one of the top threats keeping many IT managers awake at night.

Earlier this year for example a Freedom of Information (FOI) request revealed that 87 NHS Trusts in England, Scotland and Wales – just under 34 percent of the total – have been targeted by ransomware attacks within the last 18 months.

And IBM research last year found 70 percent of businesses infected with ransomware paid the ransom to regain access to data and systems.

Interestingly, the research found that over half of those paid over $10,000 (£8,000) and 20 percent paid over $40,000 (£32,000), showing that ransomware is a lucrative business indeed.

Read our guide here on avoiding ransomware and staying safe